-
Notifications
You must be signed in to change notification settings - Fork 22
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #60 from crossplane-contrib/firewall
Firewall Specs
- Loading branch information
Showing
7 changed files
with
863 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,21 @@ | ||
/* | ||
Copyright 2024 The Crossplane Authors. | ||
Licensed under the Apache License, Version 2.0 (the "License"); | ||
you may not use this file except in compliance with the License. | ||
You may obtain a copy of the License at | ||
http://www.apache.org/licenses/LICENSE-2.0 | ||
Unless required by applicable law or agreed to in writing, software | ||
distributed under the License is distributed on an "AS IS" BASIS, | ||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
See the License for the specific language governing permissions and | ||
limitations under the License. | ||
*/ | ||
|
||
// Package v1alpha1 contains the v1alpha1 group Sample resources of the Template provider. | ||
// +kubebuilder:object:generate=true | ||
// +groupName=firewall.civo.crossplane.io | ||
// +versionName=v1alpha1 | ||
package v1alpha1 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,50 @@ | ||
/* | ||
Copyright 2020 The Crossplane Authors. | ||
Licensed under the Apache License, Version 2.0 (the "License"); | ||
you may not use this file except in compliance with the License. | ||
You may obtain a copy of the License at | ||
http://www.apache.org/licenses/LICENSE-2.0 | ||
Unless required by applicable law or agreed to in writing, software | ||
distributed under the License is distributed on an "AS IS" BASIS, | ||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
See the License for the specific language governing permissions and | ||
limitations under the License. | ||
*/ | ||
|
||
package v1alpha1 | ||
|
||
import ( | ||
"reflect" | ||
|
||
"k8s.io/apimachinery/pkg/runtime/schema" | ||
"sigs.k8s.io/controller-runtime/pkg/scheme" | ||
) | ||
|
||
// Package type metadata. | ||
const ( | ||
Group = "firewall.civo.crossplane.io" | ||
Version = "v1alpha1" | ||
) | ||
|
||
var ( | ||
// SchemeGroupVersion is group version used to register these objects | ||
SchemeGroupVersion = schema.GroupVersion{Group: Group, Version: Version} | ||
|
||
// SchemeBuilder is used to add go types to the GroupVersionKind scheme | ||
SchemeBuilder = &scheme.Builder{GroupVersion: SchemeGroupVersion} | ||
) | ||
|
||
// CivoFirewall type metadata. | ||
var ( | ||
CivoFirewallKind = reflect.TypeOf(CivoFirewall{}).Name() | ||
CivoFirewallGroupKind = schema.GroupKind{Group: Group, Kind: CivoFirewallKind}.String() | ||
CivoFirewallKindAPIVersion = CivoFirewallKind + "." + SchemeGroupVersion.String() | ||
CivoFirewallGroupVersionKind = SchemeGroupVersion.WithKind(CivoFirewallKind) | ||
) | ||
|
||
func init() { | ||
SchemeBuilder.Register(&CivoFirewall{}, &CivoFirewallList{}) | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,126 @@ | ||
package v1alpha1 | ||
|
||
import ( | ||
xpv1 "github.com/crossplane/crossplane-runtime/apis/common/v1" | ||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" | ||
) | ||
|
||
// CivoFirewallSpec defines the desired state of a Firewall. | ||
type CivoFirewallSpec struct { | ||
xpv1.ResourceSpec `json:",inline"` | ||
|
||
// Name is the name of the Firewall within Civo. | ||
// +kubebuilder:validation:Required | ||
// +immutable | ||
Name string `json:"name"` | ||
|
||
// NetworkID is the identifier for the network associated with the Firewall. | ||
// +kubebuilder:validation:Required | ||
// +immutable | ||
NetworkID string `json:"networkId"` | ||
|
||
// Region is the identifier for the region in which the Firewall is deployed. | ||
// +kubebuilder:validation:Required | ||
Region string `json:"region"` | ||
|
||
// Rules are the set of rules applied to the firewall. | ||
// +optional | ||
Rules []FirewallRule `json:"rules,omitempty"` | ||
|
||
// ProviderReference holds configs (region, API key etc) for the crossplane provider that is being used. | ||
ProviderReference *xpv1.Reference `json:"providerReference"` | ||
} | ||
|
||
// FirewallRule defines the rules applied to the Firewall. | ||
type FirewallRule struct { | ||
// Protocol used by the rule (TCP, UDP, ICMP). | ||
// +kubebuilder:validation:Enum=TCP;UDP;ICMP | ||
// +kubebuilder:validation:Required | ||
Protocol string `json:"protocol"` | ||
|
||
// StartPort is the starting port of the range. | ||
// +kubebuilder:validation:Required | ||
StartPort int `json:"startPort"` | ||
|
||
// EndPort is the ending port of the range. | ||
// +optional | ||
EndPort *int `json:"endPort,omitempty"` | ||
|
||
// CIDR is the IP address range that is applicable for the rule. | ||
// +kubebuilder:validation:Required | ||
CIDR string `json:"cidr"` | ||
|
||
// Direction indicates whether the rule is for inbound or outbound traffic. | ||
// +kubebuilder:validation:Enum=ingress;egress | ||
// +kubebuilder:validation:Required | ||
Direction string `json:"direction"` | ||
|
||
// Label is an optional identifier for the rule. | ||
// +optional | ||
Label string `json:"label,omitempty"` | ||
} | ||
|
||
// CivoFirewallStatus defines the observed state of CivoFirewall. | ||
type CivoFirewallStatus struct { | ||
xpv1.ResourceStatus `json:",inline"` | ||
AtProvider CivoFirewallObservation `json:"atProvider,omitempty"` | ||
} | ||
|
||
// CivoFirewallObservation is used to reflect the observed state of the firewall. | ||
type CivoFirewallObservation struct { | ||
// ID is the Civo ID of the Firewall. | ||
ID string `json:"id,omitempty"` | ||
|
||
// InstanceCount shows how many instances are using this firewall. | ||
InstanceCount *int `json:"instanceCount,omitempty"` | ||
|
||
// RulesCount shows how many rules are associated with this firewall. | ||
RulesCount int `json:"rulesCount"` | ||
} | ||
|
||
// +kubebuilder:object:root=true | ||
|
||
// CivoFirewall is the Schema for the CivoFirewalls API | ||
// +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" | ||
// +kubebuilder:printcolumn:name="MESSAGE",type="string",JSONPath=".status.atProvider.state" | ||
// Please replace `PROVIDER-NAME` with your actual provider name, like `aws`, `azure`, `gcp`, `alibaba` | ||
// +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,civo} | ||
// +kubebuilder:subresource:status | ||
type CivoFirewall struct { | ||
metav1.TypeMeta `json:",inline"` | ||
metav1.ObjectMeta `json:"metadata,omitempty"` | ||
|
||
Spec CivoFirewallSpec `json:"spec"` | ||
Status CivoFirewallStatus `json:"status,omitempty"` | ||
} | ||
|
||
// SetManagementPolicies sets up management policies. | ||
func (mg *CivoFirewall) SetManagementPolicies(r xpv1.ManagementPolicies) {} | ||
|
||
// GetManagementPolicies gets management policies. | ||
func (mg *CivoFirewall) GetManagementPolicies() xpv1.ManagementPolicies { | ||
// Note: Crossplane runtime reconciler should leave handling of | ||
// ManagementPolicies to the provider controller. This is a temporary hack | ||
// until we remove the ManagementPolicy field from the Provider Kubernetes | ||
// Object in favor of the one in the ResourceSpec. | ||
return []xpv1.ManagementAction{xpv1.ManagementActionAll} | ||
} | ||
|
||
// SetPublishConnectionDetailsTo sets up connection details. | ||
func (mg *CivoFirewall) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { | ||
mg.Spec.PublishConnectionDetailsTo = r | ||
} | ||
|
||
// GetPublishConnectionDetailsTo gets publish connection details. | ||
func (mg *CivoFirewall) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { | ||
return mg.Spec.PublishConnectionDetailsTo | ||
} | ||
|
||
// +kubebuilder:object:root=true | ||
|
||
// CivoFirewallList contains a list of CivoFirewall. | ||
type CivoFirewallList struct { | ||
metav1.TypeMeta `json:",inline"` | ||
metav1.ListMeta `json:"metadata,omitempty"` | ||
Items []CivoFirewall `json:"items"` | ||
} |
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
Oops, something went wrong.