Merge pull request #60 from crossplane-contrib/firewall

Firewall Specs

apis/civo/firewall/v1alpha1/doc.go

@@ -0,0 +1,21 @@
+/*
+Copyright 2024 The Crossplane Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Package v1alpha1 contains the v1alpha1 group Sample resources of the Template provider.
+// +kubebuilder:object:generate=true
+// +groupName=firewall.civo.crossplane.io
+// +versionName=v1alpha1
+package v1alpha1

apis/civo/firewall/v1alpha1/register.go

@@ -0,0 +1,50 @@
+/*
+Copyright 2020 The Crossplane Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package v1alpha1
+
+import (
+	"reflect"
+
+	"k8s.io/apimachinery/pkg/runtime/schema"
+	"sigs.k8s.io/controller-runtime/pkg/scheme"
+)
+
+// Package type metadata.
+const (
+	Group   = "firewall.civo.crossplane.io"
+	Version = "v1alpha1"
+)
+
+var (
+	// SchemeGroupVersion is group version used to register these objects
+	SchemeGroupVersion = schema.GroupVersion{Group: Group, Version: Version}
+
+	// SchemeBuilder is used to add go types to the GroupVersionKind scheme
+	SchemeBuilder = &scheme.Builder{GroupVersion: SchemeGroupVersion}
+)
+
+// CivoFirewall type metadata.
+var (
+	CivoFirewallKind             = reflect.TypeOf(CivoFirewall{}).Name()
+	CivoFirewallGroupKind        = schema.GroupKind{Group: Group, Kind: CivoFirewallKind}.String()
+	CivoFirewallKindAPIVersion   = CivoFirewallKind + "." + SchemeGroupVersion.String()
+	CivoFirewallGroupVersionKind = SchemeGroupVersion.WithKind(CivoFirewallKind)
+)
+
+func init() {
+	SchemeBuilder.Register(&CivoFirewall{}, &CivoFirewallList{})
+}

apis/civo/firewall/v1alpha1/types.go

@@ -0,0 +1,126 @@
+package v1alpha1
+
+import (
+	xpv1 "github.com/crossplane/crossplane-runtime/apis/common/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+// CivoFirewallSpec defines the desired state of a Firewall.
+type CivoFirewallSpec struct {
+	xpv1.ResourceSpec `json:",inline"`
+
+	// Name is the name of the Firewall within Civo.
+	// +kubebuilder:validation:Required
+	// +immutable
+	Name string `json:"name"`
+
+	// NetworkID is the identifier for the network associated with the Firewall.
+	// +kubebuilder:validation:Required
+	// +immutable
+	NetworkID string `json:"networkId"`
+
+	// Region is the identifier for the region in which the Firewall is deployed.
+	// +kubebuilder:validation:Required
+	Region string `json:"region"`
+
+	// Rules are the set of rules applied to the firewall.
+	// +optional
+	Rules []FirewallRule `json:"rules,omitempty"`
+
+	// ProviderReference holds configs (region, API key etc) for the crossplane provider that is being used.
+	ProviderReference *xpv1.Reference `json:"providerReference"`
+}
+
+// FirewallRule defines the rules applied to the Firewall.
+type FirewallRule struct {
+	// Protocol used by the rule (TCP, UDP, ICMP).
+	// +kubebuilder:validation:Enum=TCP;UDP;ICMP
+	// +kubebuilder:validation:Required
+	Protocol string `json:"protocol"`
+
+	// StartPort is the starting port of the range.
+	// +kubebuilder:validation:Required
+	StartPort int `json:"startPort"`
+
+	// EndPort is the ending port of the range.
+	// +optional
+	EndPort *int `json:"endPort,omitempty"`
+
+	// CIDR is the IP address range that is applicable for the rule.
+	// +kubebuilder:validation:Required
+	CIDR string `json:"cidr"`
+
+	// Direction indicates whether the rule is for inbound or outbound traffic.
+	// +kubebuilder:validation:Enum=ingress;egress
+	// +kubebuilder:validation:Required
+	Direction string `json:"direction"`
+
+	// Label is an optional identifier for the rule.
+	// +optional
+	Label string `json:"label,omitempty"`
+}
+
+// CivoFirewallStatus defines the observed state of CivoFirewall.
+type CivoFirewallStatus struct {
+	xpv1.ResourceStatus `json:",inline"`
+	AtProvider          CivoFirewallObservation `json:"atProvider,omitempty"`
+}
+
+// CivoFirewallObservation is used to reflect the observed state of the firewall.
+type CivoFirewallObservation struct {
+	// ID is the Civo ID of the Firewall.
+	ID string `json:"id,omitempty"`
+
+	// InstanceCount shows how many instances are using this firewall.
+	InstanceCount *int `json:"instanceCount,omitempty"`
+
+	// RulesCount shows how many rules are associated with this firewall.
+	RulesCount int `json:"rulesCount"`
+}
+
+// +kubebuilder:object:root=true
+
+// CivoFirewall is the Schema for the CivoFirewalls API
+// +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status"
+// +kubebuilder:printcolumn:name="MESSAGE",type="string",JSONPath=".status.atProvider.state"
+// Please replace `PROVIDER-NAME` with your actual provider name, like `aws`, `azure`, `gcp`, `alibaba`
+// +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,civo}
+// +kubebuilder:subresource:status
+type CivoFirewall struct {
+	metav1.TypeMeta   `json:",inline"`
+	metav1.ObjectMeta `json:"metadata,omitempty"`
+
+	Spec   CivoFirewallSpec   `json:"spec"`
+	Status CivoFirewallStatus `json:"status,omitempty"`
+}
+
+// SetManagementPolicies sets up management policies.
+func (mg *CivoFirewall) SetManagementPolicies(r xpv1.ManagementPolicies) {}
+
+// GetManagementPolicies gets management policies.
+func (mg *CivoFirewall) GetManagementPolicies() xpv1.ManagementPolicies {
+	// Note: Crossplane runtime reconciler should leave handling of
+	// ManagementPolicies to the provider controller. This is a temporary hack
+	// until we remove the ManagementPolicy field from the Provider Kubernetes
+	// Object in favor of the one in the ResourceSpec.
+	return []xpv1.ManagementAction{xpv1.ManagementActionAll}
+}
+
+// SetPublishConnectionDetailsTo sets up connection details.
+func (mg *CivoFirewall) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) {
+	mg.Spec.PublishConnectionDetailsTo = r
+}
+
+// GetPublishConnectionDetailsTo gets publish connection details.
+func (mg *CivoFirewall) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo {
+	return mg.Spec.PublishConnectionDetailsTo
+}
+
+// +kubebuilder:object:root=true
+
+// CivoFirewallList contains a list of CivoFirewall.
+type CivoFirewallList struct {
+	metav1.TypeMeta `json:",inline"`
+	metav1.ListMeta `json:"metadata,omitempty"`
+	Items           []CivoFirewall `json:"items"`
+}