diff --git a/apis/administrativeunits/v1beta1/zz_generated.deepcopy.go b/apis/administrativeunits/v1beta1/zz_generated.deepcopy.go index 2ffe6a14..120b39f1 100644 --- a/apis/administrativeunits/v1beta1/zz_generated.deepcopy.go +++ b/apis/administrativeunits/v1beta1/zz_generated.deepcopy.go @@ -41,6 +41,26 @@ func (in *Member) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MemberInitParameters) DeepCopyInto(out *MemberInitParameters) { + *out = *in + if in.MemberObjectID != nil { + in, out := &in.MemberObjectID, &out.MemberObjectID + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MemberInitParameters. +func (in *MemberInitParameters) DeepCopy() *MemberInitParameters { + if in == nil { + return nil + } + out := new(MemberInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *MemberList) DeepCopyInto(out *MemberList) { *out = *in @@ -143,6 +163,7 @@ func (in *MemberSpec) DeepCopyInto(out *MemberSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MemberSpec. @@ -199,6 +220,52 @@ func (in *Unit) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *UnitInitParameters) DeepCopyInto(out *UnitInitParameters) { + *out = *in + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } + if in.DisplayName != nil { + in, out := &in.DisplayName, &out.DisplayName + *out = new(string) + **out = **in + } + if in.HiddenMembershipEnabled != nil { + in, out := &in.HiddenMembershipEnabled, &out.HiddenMembershipEnabled + *out = new(bool) + **out = **in + } + if in.Members != nil { + in, out := &in.Members, &out.Members + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.PreventDuplicateNames != nil { + in, out := &in.PreventDuplicateNames, &out.PreventDuplicateNames + *out = new(bool) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UnitInitParameters. +func (in *UnitInitParameters) DeepCopy() *UnitInitParameters { + if in == nil { + return nil + } + out := new(UnitInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *UnitList) DeepCopyInto(out *UnitList) { *out = *in @@ -338,6 +405,7 @@ func (in *UnitSpec) DeepCopyInto(out *UnitSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UnitSpec. diff --git a/apis/administrativeunits/v1beta1/zz_generated.managed.go b/apis/administrativeunits/v1beta1/zz_generated.managed.go index b15bbc42..6955cf85 100644 --- a/apis/administrativeunits/v1beta1/zz_generated.managed.go +++ b/apis/administrativeunits/v1beta1/zz_generated.managed.go @@ -17,9 +17,9 @@ func (mg *Member) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } -// GetManagementPolicy of this Member. -func (mg *Member) GetManagementPolicy() xpv1.ManagementPolicy { - return mg.Spec.ManagementPolicy +// GetManagementPolicies of this Member. +func (mg *Member) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies } // GetProviderConfigReference of this Member. @@ -55,9 +55,9 @@ func (mg *Member) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } -// SetManagementPolicy of this Member. -func (mg *Member) SetManagementPolicy(r xpv1.ManagementPolicy) { - mg.Spec.ManagementPolicy = r +// SetManagementPolicies of this Member. +func (mg *Member) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r } // SetProviderConfigReference of this Member. @@ -93,9 +93,9 @@ func (mg *Unit) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } -// GetManagementPolicy of this Unit. -func (mg *Unit) GetManagementPolicy() xpv1.ManagementPolicy { - return mg.Spec.ManagementPolicy +// GetManagementPolicies of this Unit. +func (mg *Unit) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies } // GetProviderConfigReference of this Unit. @@ -131,9 +131,9 @@ func (mg *Unit) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } -// SetManagementPolicy of this Unit. -func (mg *Unit) SetManagementPolicy(r xpv1.ManagementPolicy) { - mg.Spec.ManagementPolicy = r +// SetManagementPolicies of this Unit. +func (mg *Unit) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r } // SetProviderConfigReference of this Unit. diff --git a/apis/administrativeunits/v1beta1/zz_generated_terraformed.go b/apis/administrativeunits/v1beta1/zz_generated_terraformed.go index 00eec8b1..9008d4eb 100755 --- a/apis/administrativeunits/v1beta1/zz_generated_terraformed.go +++ b/apis/administrativeunits/v1beta1/zz_generated_terraformed.go @@ -69,6 +69,16 @@ func (tr *Unit) SetParameters(params map[string]any) error { return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) } +// GetInitParameters of this Unit +func (tr *Unit) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + // LateInitialize this Unit using its observed tfState. // returns True if there are any spec changes for the resource. func (tr *Unit) LateInitialize(attrs []byte) (bool, error) { @@ -143,6 +153,16 @@ func (tr *Member) SetParameters(params map[string]any) error { return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) } +// GetInitParameters of this Member +func (tr *Member) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + // LateInitialize this Member using its observed tfState. // returns True if there are any spec changes for the resource. func (tr *Member) LateInitialize(attrs []byte) (bool, error) { diff --git a/apis/administrativeunits/v1beta1/zz_member_types.go b/apis/administrativeunits/v1beta1/zz_member_types.go index 7499a6c5..1d33c7dc 100755 --- a/apis/administrativeunits/v1beta1/zz_member_types.go +++ b/apis/administrativeunits/v1beta1/zz_member_types.go @@ -13,6 +13,13 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type MemberInitParameters struct { + + // The object ID of the user or group you want to add as a member of the administrative unit. Changing this forces a new resource to be created. + // The object ID of the member + MemberObjectID *string `json:"memberObjectId,omitempty" tf:"member_object_id,omitempty"` +} + type MemberObservation struct { // The object ID of the administrative unit you want to add the member to. Changing this forces a new resource to be created. @@ -52,6 +59,18 @@ type MemberParameters struct { type MemberSpec struct { v1.ResourceSpec `json:",inline"` ForProvider MemberParameters `json:"forProvider"` + // THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored + // unless the relevant Crossplane feature flag is enabled, and may be + // changed or removed without notice. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider MemberInitParameters `json:"initProvider,omitempty"` } // MemberStatus defines the observed state of Member. diff --git a/apis/administrativeunits/v1beta1/zz_unit_types.go b/apis/administrativeunits/v1beta1/zz_unit_types.go index 2a6022b8..9160f1ee 100755 --- a/apis/administrativeunits/v1beta1/zz_unit_types.go +++ b/apis/administrativeunits/v1beta1/zz_unit_types.go @@ -13,6 +13,27 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type UnitInitParameters struct { + + // The description of the administrative unit. + // The description for the administrative unit + Description *string `json:"description,omitempty" tf:"description,omitempty"` + + // The display name of the administrative unit. + // The display name for the administrative unit + DisplayName *string `json:"displayName,omitempty" tf:"display_name,omitempty"` + + // Whether the administrative unit and its members are hidden or publicly viewable in the directory + HiddenMembershipEnabled *bool `json:"hiddenMembershipEnabled,omitempty" tf:"hidden_membership_enabled,omitempty"` + + // A set of object IDs of members who should be present in this administrative unit. Supported object types are Users or Groups. + // A set of object IDs of members who should be present in this administrative unit. Supported object types are Users or Groups + Members []*string `json:"members,omitempty" tf:"members,omitempty"` + + // If `true`, will return an error if an existing administrative unit is found with the same name + PreventDuplicateNames *bool `json:"preventDuplicateNames,omitempty" tf:"prevent_duplicate_names,omitempty"` +} + type UnitObservation struct { // The description of the administrative unit. @@ -70,6 +91,18 @@ type UnitParameters struct { type UnitSpec struct { v1.ResourceSpec `json:",inline"` ForProvider UnitParameters `json:"forProvider"` + // THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored + // unless the relevant Crossplane feature flag is enabled, and may be + // changed or removed without notice. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider UnitInitParameters `json:"initProvider,omitempty"` } // UnitStatus defines the observed state of Unit. @@ -90,7 +123,7 @@ type UnitStatus struct { type Unit struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - // +kubebuilder:validation:XValidation:rule="self.managementPolicy == 'ObserveOnly' || has(self.forProvider.displayName)",message="displayName is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.displayName) || has(self.initProvider.displayName)",message="displayName is a required parameter" Spec UnitSpec `json:"spec"` Status UnitStatus `json:"status,omitempty"` } diff --git a/apis/app/v1beta1/zz_generated.deepcopy.go b/apis/app/v1beta1/zz_generated.deepcopy.go index 7d6f828e..99d883d1 100644 --- a/apis/app/v1beta1/zz_generated.deepcopy.go +++ b/apis/app/v1beta1/zz_generated.deepcopy.go @@ -41,6 +41,26 @@ func (in *RoleAssignment) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RoleAssignmentInitParameters) DeepCopyInto(out *RoleAssignmentInitParameters) { + *out = *in + if in.AppRoleID != nil { + in, out := &in.AppRoleID, &out.AppRoleID + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RoleAssignmentInitParameters. +func (in *RoleAssignmentInitParameters) DeepCopy() *RoleAssignmentInitParameters { + if in == nil { + return nil + } + out := new(RoleAssignmentInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *RoleAssignmentList) DeepCopyInto(out *RoleAssignmentList) { *out = *in @@ -178,6 +198,7 @@ func (in *RoleAssignmentSpec) DeepCopyInto(out *RoleAssignmentSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RoleAssignmentSpec. diff --git a/apis/app/v1beta1/zz_generated.managed.go b/apis/app/v1beta1/zz_generated.managed.go index 3ada5641..dff90040 100644 --- a/apis/app/v1beta1/zz_generated.managed.go +++ b/apis/app/v1beta1/zz_generated.managed.go @@ -17,9 +17,9 @@ func (mg *RoleAssignment) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } -// GetManagementPolicy of this RoleAssignment. -func (mg *RoleAssignment) GetManagementPolicy() xpv1.ManagementPolicy { - return mg.Spec.ManagementPolicy +// GetManagementPolicies of this RoleAssignment. +func (mg *RoleAssignment) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies } // GetProviderConfigReference of this RoleAssignment. @@ -55,9 +55,9 @@ func (mg *RoleAssignment) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } -// SetManagementPolicy of this RoleAssignment. -func (mg *RoleAssignment) SetManagementPolicy(r xpv1.ManagementPolicy) { - mg.Spec.ManagementPolicy = r +// SetManagementPolicies of this RoleAssignment. +func (mg *RoleAssignment) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r } // SetProviderConfigReference of this RoleAssignment. diff --git a/apis/app/v1beta1/zz_generated_terraformed.go b/apis/app/v1beta1/zz_generated_terraformed.go index 1a6a6a3c..f38da54b 100755 --- a/apis/app/v1beta1/zz_generated_terraformed.go +++ b/apis/app/v1beta1/zz_generated_terraformed.go @@ -69,6 +69,16 @@ func (tr *RoleAssignment) SetParameters(params map[string]any) error { return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) } +// GetInitParameters of this RoleAssignment +func (tr *RoleAssignment) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + // LateInitialize this RoleAssignment using its observed tfState. // returns True if there are any spec changes for the resource. func (tr *RoleAssignment) LateInitialize(attrs []byte) (bool, error) { diff --git a/apis/app/v1beta1/zz_roleassignment_types.go b/apis/app/v1beta1/zz_roleassignment_types.go index 37987783..9794de7a 100755 --- a/apis/app/v1beta1/zz_roleassignment_types.go +++ b/apis/app/v1beta1/zz_roleassignment_types.go @@ -13,6 +13,13 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type RoleAssignmentInitParameters struct { + + // The ID of the app role to be assigned, or the default role ID 00000000-0000-0000-0000-000000000000. Changing this forces a new resource to be created. + // The ID of the app role to be assigned + AppRoleID *string `json:"appRoleId,omitempty" tf:"app_role_id,omitempty"` +} + type RoleAssignmentObservation struct { // The ID of the app role to be assigned, or the default role ID 00000000-0000-0000-0000-000000000000. Changing this forces a new resource to be created. @@ -82,6 +89,18 @@ type RoleAssignmentParameters struct { type RoleAssignmentSpec struct { v1.ResourceSpec `json:",inline"` ForProvider RoleAssignmentParameters `json:"forProvider"` + // THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored + // unless the relevant Crossplane feature flag is enabled, and may be + // changed or removed without notice. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider RoleAssignmentInitParameters `json:"initProvider,omitempty"` } // RoleAssignmentStatus defines the observed state of RoleAssignment. @@ -102,7 +121,7 @@ type RoleAssignmentStatus struct { type RoleAssignment struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - // +kubebuilder:validation:XValidation:rule="self.managementPolicy == 'ObserveOnly' || has(self.forProvider.appRoleId)",message="appRoleId is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.appRoleId) || has(self.initProvider.appRoleId)",message="appRoleId is a required parameter" Spec RoleAssignmentSpec `json:"spec"` Status RoleAssignmentStatus `json:"status,omitempty"` } diff --git a/apis/applications/v1beta1/zz_application_types.go b/apis/applications/v1beta1/zz_application_types.go index b37e3385..3abb990f 100755 --- a/apis/applications/v1beta1/zz_application_types.go +++ b/apis/applications/v1beta1/zz_application_types.go @@ -13,6 +13,25 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type APIInitParameters struct { + + // A set of application IDs (client IDs), used for bundling consent if you have a solution that contains two parts: a client app and a custom web API app. + // Used for bundling consent if you have a solution that contains two parts: a client app and a custom web API app + KnownClientApplications []*string `json:"knownClientApplications,omitempty" tf:"known_client_applications,omitempty"` + + // Allows an application to use claims mapping without specifying a custom signing key. Defaults to false. + // Allows an application to use claims mapping without specifying a custom signing key + MappedClaimsEnabled *bool `json:"mappedClaimsEnabled,omitempty" tf:"mapped_claims_enabled,omitempty"` + + // One or more oauth2_permission_scope blocks as documented below, to describe delegated permissions exposed by the web API represented by this application. + // One or more `oauth2_permission_scope` blocks to describe delegated permissions exposed by the web API represented by this application + Oauth2PermissionScope []Oauth2PermissionScopeInitParameters `json:"oauth2PermissionScope,omitempty" tf:"oauth2_permission_scope,omitempty"` + + // The access token version expected by this resource. Must be one of 1 or 2, and must be 2 when sign_in_audience is either AzureADandPersonalMicrosoftAccount or PersonalMicrosoftAccount Defaults to 1. + // The access token version expected by this resource + RequestedAccessTokenVersion *float64 `json:"requestedAccessTokenVersion,omitempty" tf:"requested_access_token_version,omitempty"` +} + type APIObservation struct { // A set of application IDs (client IDs), used for bundling consent if you have a solution that contains two parts: a client app and a custom web API app. @@ -55,6 +74,25 @@ type APIParameters struct { RequestedAccessTokenVersion *float64 `json:"requestedAccessTokenVersion,omitempty" tf:"requested_access_token_version,omitempty"` } +type AccessTokenInitParameters struct { + + // List of additional properties of the claim. If a property exists in this list, it modifies the behaviour of the optional claim. + // List of additional properties of the claim. If a property exists in this list, it modifies the behaviour of the optional claim + AdditionalProperties []*string `json:"additionalProperties,omitempty" tf:"additional_properties,omitempty"` + + // Whether the claim specified by the client is necessary to ensure a smooth authorization experience. + // Whether the claim specified by the client is necessary to ensure a smooth authorization experience + Essential *bool `json:"essential,omitempty" tf:"essential,omitempty"` + + // The name of the optional claim. + // The name of the optional claim + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // The source of the claim. If source is absent, the claim is a predefined optional claim. If source is user, the value of name is the extension property from the user object. + // The source of the claim. If `source` is absent, the claim is a predefined optional claim. If `source` is `user`, the value of `name` is the extension property from the user object + Source *string `json:"source,omitempty" tf:"source,omitempty"` +} + type AccessTokenObservation struct { // List of additional properties of the claim. If a property exists in this list, it modifies the behaviour of the optional claim. @@ -88,8 +126,8 @@ type AccessTokenParameters struct { // The name of the optional claim. // The name of the optional claim - // +kubebuilder:validation:Required - Name *string `json:"name" tf:"name,omitempty"` + // +kubebuilder:validation:Optional + Name *string `json:"name,omitempty" tf:"name,omitempty"` // The source of the claim. If source is absent, the claim is a predefined optional claim. If source is user, the value of name is the extension property from the user object. // The source of the claim. If `source` is absent, the claim is a predefined optional claim. If `source` is `user`, the value of `name` is the extension property from the user object @@ -97,6 +135,33 @@ type AccessTokenParameters struct { Source *string `json:"source,omitempty" tf:"source,omitempty"` } +type AppRoleInitParameters struct { + + // Specifies whether this app role definition can be assigned to users and groups by setting to User, or to other applications (that are accessing this application in a standalone scenario) by setting to Application, or to both. + // Specifies whether this app role definition can be assigned to users and groups by setting to `User`, or to other applications (that are accessing this application in a standalone scenario) by setting to `Application`, or to both + AllowedMemberTypes []*string `json:"allowedMemberTypes,omitempty" tf:"allowed_member_types,omitempty"` + + // Description of the app role that appears when the role is being assigned and, if the role functions as an application permissions, during the consent experiences. + // Description of the app role that appears when the role is being assigned and, if the role functions as an application permissions, during the consent experiences + Description *string `json:"description,omitempty" tf:"description,omitempty"` + + // Display name for the app role that appears during app role assignment and in consent experiences. + // Display name for the app role that appears during app role assignment and in consent experiences + DisplayName *string `json:"displayName,omitempty" tf:"display_name,omitempty"` + + // Determines if the app role is enabled. Defaults to true. + // Determines if the app role is enabled + Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + + // The unique identifier of the app role. Must be a valid UUID. + // The unique identifier of the app role + ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // The value that is used for the roles claim in ID tokens and OAuth 2.0 access tokens that are authenticating an assigned service or user principal. + // The value that is used for the `roles` claim in ID tokens and OAuth 2.0 access tokens that are authenticating an assigned service or user principal + Value *string `json:"value,omitempty" tf:"value,omitempty"` +} + type AppRoleObservation struct { // Specifies whether this app role definition can be assigned to users and groups by setting to User, or to other applications (that are accessing this application in a standalone scenario) by setting to Application, or to both. @@ -128,18 +193,18 @@ type AppRoleParameters struct { // Specifies whether this app role definition can be assigned to users and groups by setting to User, or to other applications (that are accessing this application in a standalone scenario) by setting to Application, or to both. // Specifies whether this app role definition can be assigned to users and groups by setting to `User`, or to other applications (that are accessing this application in a standalone scenario) by setting to `Application`, or to both - // +kubebuilder:validation:Required - AllowedMemberTypes []*string `json:"allowedMemberTypes" tf:"allowed_member_types,omitempty"` + // +kubebuilder:validation:Optional + AllowedMemberTypes []*string `json:"allowedMemberTypes,omitempty" tf:"allowed_member_types,omitempty"` // Description of the app role that appears when the role is being assigned and, if the role functions as an application permissions, during the consent experiences. // Description of the app role that appears when the role is being assigned and, if the role functions as an application permissions, during the consent experiences - // +kubebuilder:validation:Required - Description *string `json:"description" tf:"description,omitempty"` + // +kubebuilder:validation:Optional + Description *string `json:"description,omitempty" tf:"description,omitempty"` // Display name for the app role that appears during app role assignment and in consent experiences. // Display name for the app role that appears during app role assignment and in consent experiences - // +kubebuilder:validation:Required - DisplayName *string `json:"displayName" tf:"display_name,omitempty"` + // +kubebuilder:validation:Optional + DisplayName *string `json:"displayName,omitempty" tf:"display_name,omitempty"` // Determines if the app role is enabled. Defaults to true. // Determines if the app role is enabled @@ -148,8 +213,8 @@ type AppRoleParameters struct { // The unique identifier of the app role. Must be a valid UUID. // The unique identifier of the app role - // +kubebuilder:validation:Required - ID *string `json:"id" tf:"id,omitempty"` + // +kubebuilder:validation:Optional + ID *string `json:"id,omitempty" tf:"id,omitempty"` // The value that is used for the roles claim in ID tokens and OAuth 2.0 access tokens that are authenticating an assigned service or user principal. // The value that is used for the `roles` claim in ID tokens and OAuth 2.0 access tokens that are authenticating an assigned service or user principal @@ -157,6 +222,110 @@ type AppRoleParameters struct { Value *string `json:"value,omitempty" tf:"value,omitempty"` } +type ApplicationInitParameters struct { + + // An api block as documented below, which configures API related settings for this application. + API []APIInitParameters `json:"api,omitempty" tf:"api,omitempty"` + + // A collection of app_role blocks as documented below. For more information see official documentation on Application Roles. + AppRole []AppRoleInitParameters `json:"appRole,omitempty" tf:"app_role,omitempty"` + + // A description of the application, as shown to end users. + // Description of the application as shown to end users + Description *string `json:"description,omitempty" tf:"description,omitempty"` + + // Specifies whether this application supports device authentication without a user. Defaults to false. + // Specifies whether this application supports device authentication without a user. + DeviceOnlyAuthEnabled *bool `json:"deviceOnlyAuthEnabled,omitempty" tf:"device_only_auth_enabled,omitempty"` + + // The display name for the application. + // The display name for the application + DisplayName *string `json:"displayName,omitempty" tf:"display_name,omitempty"` + + // Specifies whether the application is a public client. Appropriate for apps using token grant flows that don't use a redirect URI. Defaults to false. + // Specifies whether the application is a public client. Appropriate for apps using token grant flows that don't use a redirect URI + FallbackPublicClientEnabled *bool `json:"fallbackPublicClientEnabled,omitempty" tf:"fallback_public_client_enabled,omitempty"` + + // A feature_tags block as described below. Cannot be used together with the tags property. + // Block of features to configure for this application using tags + FeatureTags []FeatureTagsInitParameters `json:"featureTags,omitempty" tf:"feature_tags,omitempty"` + + // Configures the groups claim issued in a user or OAuth 2.0 access token that the app expects. Possible values are None, SecurityGroup, DirectoryRole, ApplicationGroup or All. + // Configures the `groups` claim issued in a user or OAuth 2.0 access token that the app expects + GroupMembershipClaims []*string `json:"groupMembershipClaims,omitempty" tf:"group_membership_claims,omitempty"` + + // A set of user-defined URI(s) that uniquely identify an application within its Azure AD tenant, or within a verified custom domain if the application is multi-tenant. + // The user-defined URI(s) that uniquely identify an application within its Azure AD tenant, or within a verified custom domain if the application is multi-tenant + IdentifierUris []*string `json:"identifierUris,omitempty" tf:"identifier_uris,omitempty"` + + // A logo image to upload for the application, as a raw base64-encoded string. The image should be in gif, jpeg or png format. Note that once an image has been uploaded, it is not possible to remove it without replacing it with another image. + // Base64 encoded logo image in gif, png or jpeg format + LogoImage *string `json:"logoImage,omitempty" tf:"logo_image,omitempty"` + + // URL of the application's marketing page. + // URL of the application's marketing page + MarketingURL *string `json:"marketingUrl,omitempty" tf:"marketing_url,omitempty"` + + // User-specified notes relevant for the management of the application. + // User-specified notes relevant for the management of the application + Notes *string `json:"notes,omitempty" tf:"notes,omitempty"` + + // Specifies whether, as part of OAuth 2.0 token requests, Azure AD allows POST requests, as opposed to GET requests. Defaults to false, which specifies that only GET requests are allowed. + // Specifies whether, as part of OAuth 2.0 token requests, Azure AD allows POST requests, as opposed to GET requests. + Oauth2PostResponseRequired *bool `json:"oauth2PostResponseRequired,omitempty" tf:"oauth2_post_response_required,omitempty"` + + // An optional_claims block as documented below. + OptionalClaims []OptionalClaimsInitParameters `json:"optionalClaims,omitempty" tf:"optional_claims,omitempty"` + + // A set of object IDs of principals that will be granted ownership of the application. Supported object types are users or service principals. By default, no owners are assigned. + // A list of object IDs of principals that will be granted ownership of the application + Owners []*string `json:"owners,omitempty" tf:"owners,omitempty"` + + // If true, will return an error if an existing application is found with the same name. Defaults to false. + // If `true`, will return an error if an existing application is found with the same name + PreventDuplicateNames *bool `json:"preventDuplicateNames,omitempty" tf:"prevent_duplicate_names,omitempty"` + + // URL of the application's privacy statement. + // URL of the application's privacy statement + PrivacyStatementURL *string `json:"privacyStatementUrl,omitempty" tf:"privacy_statement_url,omitempty"` + + // A public_client block as documented below, which configures non-web app or non-web API application settings, for example mobile or other public clients such as an installed application running on a desktop device. + PublicClient []PublicClientInitParameters `json:"publicClient,omitempty" tf:"public_client,omitempty"` + + // A collection of required_resource_access blocks as documented below. + RequiredResourceAccess []RequiredResourceAccessInitParameters `json:"requiredResourceAccess,omitempty" tf:"required_resource_access,omitempty"` + + // References application context information from a Service or Asset Management database. + // References application or service contact information from a Service or Asset Management database + ServiceManagementReference *string `json:"serviceManagementReference,omitempty" tf:"service_management_reference,omitempty"` + + // The Microsoft account types that are supported for the current application. Must be one of AzureADMyOrg, AzureADMultipleOrgs, AzureADandPersonalMicrosoftAccount or PersonalMicrosoftAccount. Defaults to AzureADMyOrg. + // The Microsoft account types that are supported for the current application + SignInAudience *string `json:"signInAudience,omitempty" tf:"sign_in_audience,omitempty"` + + // A single_page_application block as documented below, which configures single-page application (SPA) related settings for this application. + SinglePageApplication []SinglePageApplicationInitParameters `json:"singlePageApplication,omitempty" tf:"single_page_application,omitempty"` + + // URL of the application's support page. + // URL of the application's support page + SupportURL *string `json:"supportUrl,omitempty" tf:"support_url,omitempty"` + + // A set of tags to apply to the application for configuring specific behaviours of the application and linked service principals. Note that these are not provided for use by practitioners. Cannot be used together with the feature_tags block. + // A set of tags to apply to the application + Tags []*string `json:"tags,omitempty" tf:"tags,omitempty"` + + // Unique ID for a templated application in the Azure AD App Gallery, from which to create the application. Changing this forces a new resource to be created. + // Unique ID of the application template from which this application is created + TemplateID *string `json:"templateId,omitempty" tf:"template_id,omitempty"` + + // URL of the application's terms of service statement. + // URL of the application's terms of service statement + TermsOfServiceURL *string `json:"termsOfServiceUrl,omitempty" tf:"terms_of_service_url,omitempty"` + + // A web block as documented below, which configures web related settings for this application. + Web []WebInitParameters `json:"web,omitempty" tf:"web,omitempty"` +} + type ApplicationObservation struct { // An api block as documented below, which configures API related settings for this application. @@ -423,6 +592,25 @@ type ApplicationParameters struct { Web []WebParameters `json:"web,omitempty" tf:"web,omitempty"` } +type FeatureTagsInitParameters struct { + + // Whether this application represents a custom SAML application for linked service principals. Enabling this will assign the WindowsAzureActiveDirectoryCustomSingleSignOnApplication tag. Defaults to false. + // Whether this application represents a custom SAML application for linked service principals + CustomSingleSignOn *bool `json:"customSingleSignOn,omitempty" tf:"custom_single_sign_on,omitempty"` + + // Whether this application represents an Enterprise Application for linked service principals. Enabling this will assign the WindowsAzureActiveDirectoryIntegratedApp tag. Defaults to false. + // Whether this application represents an Enterprise Application for linked service principals + Enterprise *bool `json:"enterprise,omitempty" tf:"enterprise,omitempty"` + + // Whether this application represents a gallery application for linked service principals. Enabling this will assign the WindowsAzureActiveDirectoryGalleryApplicationNonPrimaryV1 tag. Defaults to false. + // Whether this application represents a gallery application for linked service principals + Gallery *bool `json:"gallery,omitempty" tf:"gallery,omitempty"` + + // Whether this app is invisible to users in My Apps and Office 365 Launcher. Enabling this will assign the HideApp tag. Defaults to false. + // Whether this application is invisible to users in My Apps and Office 365 Launcher + Hide *bool `json:"hide,omitempty" tf:"hide,omitempty"` +} + type FeatureTagsObservation struct { // Whether this application represents a custom SAML application for linked service principals. Enabling this will assign the WindowsAzureActiveDirectoryCustomSingleSignOnApplication tag. Defaults to false. @@ -465,6 +653,25 @@ type FeatureTagsParameters struct { Hide *bool `json:"hide,omitempty" tf:"hide,omitempty"` } +type IDTokenInitParameters struct { + + // List of additional properties of the claim. If a property exists in this list, it modifies the behaviour of the optional claim. + // List of additional properties of the claim. If a property exists in this list, it modifies the behaviour of the optional claim + AdditionalProperties []*string `json:"additionalProperties,omitempty" tf:"additional_properties,omitempty"` + + // Whether the claim specified by the client is necessary to ensure a smooth authorization experience. + // Whether the claim specified by the client is necessary to ensure a smooth authorization experience + Essential *bool `json:"essential,omitempty" tf:"essential,omitempty"` + + // The name of the optional claim. + // The name of the optional claim + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // The source of the claim. If source is absent, the claim is a predefined optional claim. If source is user, the value of name is the extension property from the user object. + // The source of the claim. If `source` is absent, the claim is a predefined optional claim. If `source` is `user`, the value of `name` is the extension property from the user object + Source *string `json:"source,omitempty" tf:"source,omitempty"` +} + type IDTokenObservation struct { // List of additional properties of the claim. If a property exists in this list, it modifies the behaviour of the optional claim. @@ -498,8 +705,8 @@ type IDTokenParameters struct { // The name of the optional claim. // The name of the optional claim - // +kubebuilder:validation:Required - Name *string `json:"name" tf:"name,omitempty"` + // +kubebuilder:validation:Optional + Name *string `json:"name,omitempty" tf:"name,omitempty"` // The source of the claim. If source is absent, the claim is a predefined optional claim. If source is user, the value of name is the extension property from the user object. // The source of the claim. If `source` is absent, the claim is a predefined optional claim. If `source` is `user`, the value of `name` is the extension property from the user object @@ -507,6 +714,17 @@ type IDTokenParameters struct { Source *string `json:"source,omitempty" tf:"source,omitempty"` } +type ImplicitGrantInitParameters struct { + + // Whether this web application can request an access token using OAuth 2.0 implicit flow. + // Whether this web application can request an access token using OAuth 2.0 implicit flow + AccessTokenIssuanceEnabled *bool `json:"accessTokenIssuanceEnabled,omitempty" tf:"access_token_issuance_enabled,omitempty"` + + // Whether this web application can request an ID token using OAuth 2.0 implicit flow. + // Whether this web application can request an ID token using OAuth 2.0 implicit flow + IDTokenIssuanceEnabled *bool `json:"idTokenIssuanceEnabled,omitempty" tf:"id_token_issuance_enabled,omitempty"` +} + type ImplicitGrantObservation struct { // Whether this web application can request an access token using OAuth 2.0 implicit flow. @@ -531,6 +749,41 @@ type ImplicitGrantParameters struct { IDTokenIssuanceEnabled *bool `json:"idTokenIssuanceEnabled,omitempty" tf:"id_token_issuance_enabled,omitempty"` } +type Oauth2PermissionScopeInitParameters struct { + + // Delegated permission description that appears in all tenant-wide admin consent experiences, intended to be read by an administrator granting the permission on behalf of all users. + // Delegated permission description that appears in all tenant-wide admin consent experiences, intended to be read by an administrator granting the permission on behalf of all users + AdminConsentDescription *string `json:"adminConsentDescription,omitempty" tf:"admin_consent_description,omitempty"` + + // Display name for the delegated permission, intended to be read by an administrator granting the permission on behalf of all users. + // Display name for the delegated permission, intended to be read by an administrator granting the permission on behalf of all users + AdminConsentDisplayName *string `json:"adminConsentDisplayName,omitempty" tf:"admin_consent_display_name,omitempty"` + + // Determines if the permission scope is enabled. Defaults to true. + // Determines if the permission scope is enabled + Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + + // The unique identifier of the delegated permission. Must be a valid UUID. + // The unique identifier of the delegated permission + ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // Whether this delegated permission should be considered safe for non-admin users to consent to on behalf of themselves, or whether an administrator should be required for consent to the permissions. Defaults to User. Possible values are User or Admin. + // Whether this delegated permission should be considered safe for non-admin users to consent to on behalf of themselves, or whether an administrator should be required for consent to the permissions + Type *string `json:"type,omitempty" tf:"type,omitempty"` + + // Delegated permission description that appears in the end user consent experience, intended to be read by a user consenting on their own behalf. + // Delegated permission description that appears in the end user consent experience, intended to be read by a user consenting on their own behalf + UserConsentDescription *string `json:"userConsentDescription,omitempty" tf:"user_consent_description,omitempty"` + + // Display name for the delegated permission that appears in the end user consent experience. + // Display name for the delegated permission that appears in the end user consent experience + UserConsentDisplayName *string `json:"userConsentDisplayName,omitempty" tf:"user_consent_display_name,omitempty"` + + // The value that is used for the scp claim in OAuth 2.0 access tokens. + // The value that is used for the `scp` claim in OAuth 2.0 access tokens + Value *string `json:"value,omitempty" tf:"value,omitempty"` +} + type Oauth2PermissionScopeObservation struct { // Delegated permission description that appears in all tenant-wide admin consent experiences, intended to be read by an administrator granting the permission on behalf of all users. @@ -585,8 +838,8 @@ type Oauth2PermissionScopeParameters struct { // The unique identifier of the delegated permission. Must be a valid UUID. // The unique identifier of the delegated permission - // +kubebuilder:validation:Required - ID *string `json:"id" tf:"id,omitempty"` + // +kubebuilder:validation:Optional + ID *string `json:"id,omitempty" tf:"id,omitempty"` // Whether this delegated permission should be considered safe for non-admin users to consent to on behalf of themselves, or whether an administrator should be required for consent to the permissions. Defaults to User. Possible values are User or Admin. // Whether this delegated permission should be considered safe for non-admin users to consent to on behalf of themselves, or whether an administrator should be required for consent to the permissions @@ -609,6 +862,18 @@ type Oauth2PermissionScopeParameters struct { Value *string `json:"value,omitempty" tf:"value,omitempty"` } +type OptionalClaimsInitParameters struct { + + // One or more access_token blocks as documented below. + AccessToken []AccessTokenInitParameters `json:"accessToken,omitempty" tf:"access_token,omitempty"` + + // One or more id_token blocks as documented below. + IDToken []IDTokenInitParameters `json:"idToken,omitempty" tf:"id_token,omitempty"` + + // One or more saml2_token blocks as documented below. + Saml2Token []Saml2TokenInitParameters `json:"saml2Token,omitempty" tf:"saml2_token,omitempty"` +} + type OptionalClaimsObservation struct { // One or more access_token blocks as documented below. @@ -636,6 +901,13 @@ type OptionalClaimsParameters struct { Saml2Token []Saml2TokenParameters `json:"saml2Token,omitempty" tf:"saml2_token,omitempty"` } +type PublicClientInitParameters struct { + + // A set of URLs where user tokens are sent for sign-in, or the redirect URIs where OAuth 2.0 authorization codes and access tokens are sent. Must be a valid https or ms-appx-web URL. + // The URLs where user tokens are sent for sign-in, or the redirect URIs where OAuth 2.0 authorization codes and access tokens are sent + RedirectUris []*string `json:"redirectUris,omitempty" tf:"redirect_uris,omitempty"` +} + type PublicClientObservation struct { // A set of URLs where user tokens are sent for sign-in, or the redirect URIs where OAuth 2.0 authorization codes and access tokens are sent. Must be a valid https or ms-appx-web URL. @@ -651,6 +923,15 @@ type PublicClientParameters struct { RedirectUris []*string `json:"redirectUris,omitempty" tf:"redirect_uris,omitempty"` } +type RequiredResourceAccessInitParameters struct { + + // A collection of resource_access blocks as documented below, describing OAuth2.0 permission scopes and app roles that the application requires from the specified resource. + ResourceAccess []ResourceAccessInitParameters `json:"resourceAccess,omitempty" tf:"resource_access,omitempty"` + + // The unique identifier for the resource that the application requires access to. This should be the Application ID of the target application. + ResourceAppID *string `json:"resourceAppId,omitempty" tf:"resource_app_id,omitempty"` +} + type RequiredResourceAccessObservation struct { // A collection of resource_access blocks as documented below, describing OAuth2.0 permission scopes and app roles that the application requires from the specified resource. @@ -663,12 +944,21 @@ type RequiredResourceAccessObservation struct { type RequiredResourceAccessParameters struct { // A collection of resource_access blocks as documented below, describing OAuth2.0 permission scopes and app roles that the application requires from the specified resource. - // +kubebuilder:validation:Required - ResourceAccess []ResourceAccessParameters `json:"resourceAccess" tf:"resource_access,omitempty"` + // +kubebuilder:validation:Optional + ResourceAccess []ResourceAccessParameters `json:"resourceAccess,omitempty" tf:"resource_access,omitempty"` // The unique identifier for the resource that the application requires access to. This should be the Application ID of the target application. - // +kubebuilder:validation:Required - ResourceAppID *string `json:"resourceAppId" tf:"resource_app_id,omitempty"` + // +kubebuilder:validation:Optional + ResourceAppID *string `json:"resourceAppId,omitempty" tf:"resource_app_id,omitempty"` +} + +type ResourceAccessInitParameters struct { + + // The unique identifier for an app role or OAuth2 permission scope published by the resource application. + ID *string `json:"id,omitempty" tf:"id,omitempty"` + + // Specifies whether the id property references an app role or an OAuth2 permission scope. Possible values are Role or Scope. + Type *string `json:"type,omitempty" tf:"type,omitempty"` } type ResourceAccessObservation struct { @@ -683,12 +973,31 @@ type ResourceAccessObservation struct { type ResourceAccessParameters struct { // The unique identifier for an app role or OAuth2 permission scope published by the resource application. - // +kubebuilder:validation:Required - ID *string `json:"id" tf:"id,omitempty"` + // +kubebuilder:validation:Optional + ID *string `json:"id,omitempty" tf:"id,omitempty"` // Specifies whether the id property references an app role or an OAuth2 permission scope. Possible values are Role or Scope. - // +kubebuilder:validation:Required - Type *string `json:"type" tf:"type,omitempty"` + // +kubebuilder:validation:Optional + Type *string `json:"type,omitempty" tf:"type,omitempty"` +} + +type Saml2TokenInitParameters struct { + + // List of additional properties of the claim. If a property exists in this list, it modifies the behaviour of the optional claim. + // List of additional properties of the claim. If a property exists in this list, it modifies the behaviour of the optional claim + AdditionalProperties []*string `json:"additionalProperties,omitempty" tf:"additional_properties,omitempty"` + + // Whether the claim specified by the client is necessary to ensure a smooth authorization experience. + // Whether the claim specified by the client is necessary to ensure a smooth authorization experience + Essential *bool `json:"essential,omitempty" tf:"essential,omitempty"` + + // The name of the optional claim. + // The name of the optional claim + Name *string `json:"name,omitempty" tf:"name,omitempty"` + + // The source of the claim. If source is absent, the claim is a predefined optional claim. If source is user, the value of name is the extension property from the user object. + // The source of the claim. If `source` is absent, the claim is a predefined optional claim. If `source` is `user`, the value of `name` is the extension property from the user object + Source *string `json:"source,omitempty" tf:"source,omitempty"` } type Saml2TokenObservation struct { @@ -724,8 +1033,8 @@ type Saml2TokenParameters struct { // The name of the optional claim. // The name of the optional claim - // +kubebuilder:validation:Required - Name *string `json:"name" tf:"name,omitempty"` + // +kubebuilder:validation:Optional + Name *string `json:"name,omitempty" tf:"name,omitempty"` // The source of the claim. If source is absent, the claim is a predefined optional claim. If source is user, the value of name is the extension property from the user object. // The source of the claim. If `source` is absent, the claim is a predefined optional claim. If `source` is `user`, the value of `name` is the extension property from the user object @@ -733,6 +1042,13 @@ type Saml2TokenParameters struct { Source *string `json:"source,omitempty" tf:"source,omitempty"` } +type SinglePageApplicationInitParameters struct { + + // A set of URLs where user tokens are sent for sign-in, or the redirect URIs where OAuth 2.0 authorization codes and access tokens are sent. Must be a valid https URL. + // The URLs where user tokens are sent for sign-in, or the redirect URIs where OAuth 2.0 authorization codes and access tokens are sent + RedirectUris []*string `json:"redirectUris,omitempty" tf:"redirect_uris,omitempty"` +} + type SinglePageApplicationObservation struct { // A set of URLs where user tokens are sent for sign-in, or the redirect URIs where OAuth 2.0 authorization codes and access tokens are sent. Must be a valid https URL. @@ -748,6 +1064,24 @@ type SinglePageApplicationParameters struct { RedirectUris []*string `json:"redirectUris,omitempty" tf:"redirect_uris,omitempty"` } +type WebInitParameters struct { + + // Home page or landing page of the application. + // Home page or landing page of the application + HomepageURL *string `json:"homepageUrl,omitempty" tf:"homepage_url,omitempty"` + + // An implicit_grant block as documented above. + ImplicitGrant []ImplicitGrantInitParameters `json:"implicitGrant,omitempty" tf:"implicit_grant,omitempty"` + + // The URL that will be used by Microsoft's authorization service to sign out a user using front-channel, back-channel or SAML logout protocols. + // The URL that will be used by Microsoft's authorization service to sign out a user using front-channel, back-channel or SAML logout protocols + LogoutURL *string `json:"logoutUrl,omitempty" tf:"logout_url,omitempty"` + + // A set of URLs where user tokens are sent for sign-in, or the redirect URIs where OAuth 2.0 authorization codes and access tokens are sent. Must be a valid http URL or a URN. + // The URLs where user tokens are sent for sign-in, or the redirect URIs where OAuth 2.0 authorization codes and access tokens are sent + RedirectUris []*string `json:"redirectUris,omitempty" tf:"redirect_uris,omitempty"` +} + type WebObservation struct { // Home page or landing page of the application. @@ -792,6 +1126,18 @@ type WebParameters struct { type ApplicationSpec struct { v1.ResourceSpec `json:",inline"` ForProvider ApplicationParameters `json:"forProvider"` + // THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored + // unless the relevant Crossplane feature flag is enabled, and may be + // changed or removed without notice. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider ApplicationInitParameters `json:"initProvider,omitempty"` } // ApplicationStatus defines the observed state of Application. @@ -812,7 +1158,7 @@ type ApplicationStatus struct { type Application struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - // +kubebuilder:validation:XValidation:rule="self.managementPolicy == 'ObserveOnly' || has(self.forProvider.displayName)",message="displayName is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.displayName) || has(self.initProvider.displayName)",message="displayName is a required parameter" Spec ApplicationSpec `json:"spec"` Status ApplicationStatus `json:"status,omitempty"` } diff --git a/apis/applications/v1beta1/zz_certificate_types.go b/apis/applications/v1beta1/zz_certificate_types.go index 61d7d26d..4a5da670 100755 --- a/apis/applications/v1beta1/zz_certificate_types.go +++ b/apis/applications/v1beta1/zz_certificate_types.go @@ -13,6 +13,33 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type CertificateInitParameters struct { + + // Specifies the encoding used for the supplied certificate data. Must be one of pem, base64 or hex. Defaults to pem. + // Specifies the encoding used for the supplied certificate data + Encoding *string `json:"encoding,omitempty" tf:"encoding,omitempty"` + + // The end date until which the certificate is valid, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z). If omitted, the API will decide a suitable expiry date, which is typically around 2 years from the start date. Changing this field forces a new resource to be created. + // The end date until which the certificate is valid, formatted as an RFC3339 date string (e.g. `2018-01-01T01:02:03Z`). If omitted, the API will decide a suitable expiry date, which is typically around 2 years from the start date + EndDate *string `json:"endDate,omitempty" tf:"end_date,omitempty"` + + // A relative duration for which the certificate is valid until, for example 240h (10 days) or 2400h30m. Changing this field forces a new resource to be created. + // A relative duration for which the certificate is valid until, for example `240h` (10 days) or `2400h30m` + EndDateRelative *string `json:"endDateRelative,omitempty" tf:"end_date_relative,omitempty"` + + // A UUID used to uniquely identify this certificate. If omitted, a random UUID will be automatically generated. Changing this field forces a new resource to be created. + // A UUID used to uniquely identify this certificate. If omitted, a random UUID will be automatically generated + KeyID *string `json:"keyId,omitempty" tf:"key_id,omitempty"` + + // The start date from which the certificate is valid, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z). If this isn't specified, the value is determined by Azure Active Directory and is usually the start date of the certificate for asymmetric keys, or the current timestamp for symmetric keys. Changing this field forces a new resource to be created. + // The start date from which the certificate is valid, formatted as an RFC3339 date string (e.g. `2018-01-01T01:02:03Z`). If this isn't specified, the current date and time are use + StartDate *string `json:"startDate,omitempty" tf:"start_date,omitempty"` + + // The type of key/certificate. Must be one of AsymmetricX509Cert or Symmetric. Changing this fields forces a new resource to be created. + // The type of key/certificate + Type *string `json:"type,omitempty" tf:"type,omitempty"` +} + type CertificateObservation struct { // The object ID of the application for which this certificate should be created. Changing this field forces a new resource to be created. @@ -102,6 +129,18 @@ type CertificateParameters struct { type CertificateSpec struct { v1.ResourceSpec `json:",inline"` ForProvider CertificateParameters `json:"forProvider"` + // THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored + // unless the relevant Crossplane feature flag is enabled, and may be + // changed or removed without notice. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider CertificateInitParameters `json:"initProvider,omitempty"` } // CertificateStatus defines the observed state of Certificate. @@ -122,7 +161,7 @@ type CertificateStatus struct { type Certificate struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - // +kubebuilder:validation:XValidation:rule="self.managementPolicy == 'ObserveOnly' || has(self.forProvider.valueSecretRef)",message="valueSecretRef is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.valueSecretRef)",message="valueSecretRef is a required parameter" Spec CertificateSpec `json:"spec"` Status CertificateStatus `json:"status,omitempty"` } diff --git a/apis/applications/v1beta1/zz_federatedidentitycredential_types.go b/apis/applications/v1beta1/zz_federatedidentitycredential_types.go index 83a3cfb9..18a389e4 100755 --- a/apis/applications/v1beta1/zz_federatedidentitycredential_types.go +++ b/apis/applications/v1beta1/zz_federatedidentitycredential_types.go @@ -13,6 +13,29 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type FederatedIdentityCredentialInitParameters struct { + + // List of audiences that can appear in the external token. This specifies what should be accepted in the aud claim of incoming tokens. + // List of audiences that can appear in the external token. This specifies what should be accepted in the `aud` claim of incoming tokens. + Audiences []*string `json:"audiences,omitempty" tf:"audiences,omitempty"` + + // A description for the federated identity credential. + // A description for the federated identity credential + Description *string `json:"description,omitempty" tf:"description,omitempty"` + + // A unique display name for the federated identity credential. Changing this forces a new resource to be created. + // A unique display name for the federated identity credential + DisplayName *string `json:"displayName,omitempty" tf:"display_name,omitempty"` + + // The URL of the external identity provider, which must match the issuer claim of the external token being exchanged. The combination of the values of issuer and subject must be unique on the app. + // The URL of the external identity provider, which must match the issuer claim of the external token being exchanged. The combination of the values of issuer and subject must be unique on the app. + Issuer *string `json:"issuer,omitempty" tf:"issuer,omitempty"` + + // The identifier of the external software workload within the external identity provider. The combination of issuer and subject must be unique on the app. + // The identifier of the external software workload within the external identity provider. The combination of issuer and subject must be unique on the app. + Subject *string `json:"subject,omitempty" tf:"subject,omitempty"` +} + type FederatedIdentityCredentialObservation struct { // The object ID of the application for which this federated identity credential should be created. Changing this field forces a new resource to be created. @@ -92,6 +115,18 @@ type FederatedIdentityCredentialParameters struct { type FederatedIdentityCredentialSpec struct { v1.ResourceSpec `json:",inline"` ForProvider FederatedIdentityCredentialParameters `json:"forProvider"` + // THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored + // unless the relevant Crossplane feature flag is enabled, and may be + // changed or removed without notice. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider FederatedIdentityCredentialInitParameters `json:"initProvider,omitempty"` } // FederatedIdentityCredentialStatus defines the observed state of FederatedIdentityCredential. @@ -112,10 +147,10 @@ type FederatedIdentityCredentialStatus struct { type FederatedIdentityCredential struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - // +kubebuilder:validation:XValidation:rule="self.managementPolicy == 'ObserveOnly' || has(self.forProvider.audiences)",message="audiences is a required parameter" - // +kubebuilder:validation:XValidation:rule="self.managementPolicy == 'ObserveOnly' || has(self.forProvider.displayName)",message="displayName is a required parameter" - // +kubebuilder:validation:XValidation:rule="self.managementPolicy == 'ObserveOnly' || has(self.forProvider.issuer)",message="issuer is a required parameter" - // +kubebuilder:validation:XValidation:rule="self.managementPolicy == 'ObserveOnly' || has(self.forProvider.subject)",message="subject is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.audiences) || has(self.initProvider.audiences)",message="audiences is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.displayName) || has(self.initProvider.displayName)",message="displayName is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.issuer) || has(self.initProvider.issuer)",message="issuer is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.subject) || has(self.initProvider.subject)",message="subject is a required parameter" Spec FederatedIdentityCredentialSpec `json:"spec"` Status FederatedIdentityCredentialStatus `json:"status,omitempty"` } diff --git a/apis/applications/v1beta1/zz_generated.deepcopy.go b/apis/applications/v1beta1/zz_generated.deepcopy.go index 91da2774..8be05c1c 100644 --- a/apis/applications/v1beta1/zz_generated.deepcopy.go +++ b/apis/applications/v1beta1/zz_generated.deepcopy.go @@ -14,6 +14,49 @@ import ( runtime "k8s.io/apimachinery/pkg/runtime" ) +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *APIInitParameters) DeepCopyInto(out *APIInitParameters) { + *out = *in + if in.KnownClientApplications != nil { + in, out := &in.KnownClientApplications, &out.KnownClientApplications + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.MappedClaimsEnabled != nil { + in, out := &in.MappedClaimsEnabled, &out.MappedClaimsEnabled + *out = new(bool) + **out = **in + } + if in.Oauth2PermissionScope != nil { + in, out := &in.Oauth2PermissionScope, &out.Oauth2PermissionScope + *out = make([]Oauth2PermissionScopeInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.RequestedAccessTokenVersion != nil { + in, out := &in.RequestedAccessTokenVersion, &out.RequestedAccessTokenVersion + *out = new(float64) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new APIInitParameters. +func (in *APIInitParameters) DeepCopy() *APIInitParameters { + if in == nil { + return nil + } + out := new(APIInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *APIObservation) DeepCopyInto(out *APIObservation) { *out = *in @@ -100,6 +143,47 @@ func (in *APIParameters) DeepCopy() *APIParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AccessTokenInitParameters) DeepCopyInto(out *AccessTokenInitParameters) { + *out = *in + if in.AdditionalProperties != nil { + in, out := &in.AdditionalProperties, &out.AdditionalProperties + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Essential != nil { + in, out := &in.Essential, &out.Essential + *out = new(bool) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Source != nil { + in, out := &in.Source, &out.Source + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AccessTokenInitParameters. +func (in *AccessTokenInitParameters) DeepCopy() *AccessTokenInitParameters { + if in == nil { + return nil + } + out := new(AccessTokenInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *AccessTokenObservation) DeepCopyInto(out *AccessTokenObservation) { *out = *in @@ -182,6 +266,57 @@ func (in *AccessTokenParameters) DeepCopy() *AccessTokenParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AppRoleInitParameters) DeepCopyInto(out *AppRoleInitParameters) { + *out = *in + if in.AllowedMemberTypes != nil { + in, out := &in.AllowedMemberTypes, &out.AllowedMemberTypes + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } + if in.DisplayName != nil { + in, out := &in.DisplayName, &out.DisplayName + *out = new(string) + **out = **in + } + if in.Enabled != nil { + in, out := &in.Enabled, &out.Enabled + *out = new(bool) + **out = **in + } + if in.ID != nil { + in, out := &in.ID, &out.ID + *out = new(string) + **out = **in + } + if in.Value != nil { + in, out := &in.Value, &out.Value + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AppRoleInitParameters. +func (in *AppRoleInitParameters) DeepCopy() *AppRoleInitParameters { + if in == nil { + return nil + } + out := new(AppRoleInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *AppRoleObservation) DeepCopyInto(out *AppRoleObservation) { *out = *in @@ -303,14 +438,204 @@ func (in *Application) DeepCopy() *Application { return out } -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *Application) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *Application) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ApplicationInitParameters) DeepCopyInto(out *ApplicationInitParameters) { + *out = *in + if in.API != nil { + in, out := &in.API, &out.API + *out = make([]APIInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.AppRole != nil { + in, out := &in.AppRole, &out.AppRole + *out = make([]AppRoleInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } + if in.DeviceOnlyAuthEnabled != nil { + in, out := &in.DeviceOnlyAuthEnabled, &out.DeviceOnlyAuthEnabled + *out = new(bool) + **out = **in + } + if in.DisplayName != nil { + in, out := &in.DisplayName, &out.DisplayName + *out = new(string) + **out = **in + } + if in.FallbackPublicClientEnabled != nil { + in, out := &in.FallbackPublicClientEnabled, &out.FallbackPublicClientEnabled + *out = new(bool) + **out = **in + } + if in.FeatureTags != nil { + in, out := &in.FeatureTags, &out.FeatureTags + *out = make([]FeatureTagsInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.GroupMembershipClaims != nil { + in, out := &in.GroupMembershipClaims, &out.GroupMembershipClaims + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.IdentifierUris != nil { + in, out := &in.IdentifierUris, &out.IdentifierUris + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.LogoImage != nil { + in, out := &in.LogoImage, &out.LogoImage + *out = new(string) + **out = **in + } + if in.MarketingURL != nil { + in, out := &in.MarketingURL, &out.MarketingURL + *out = new(string) + **out = **in + } + if in.Notes != nil { + in, out := &in.Notes, &out.Notes + *out = new(string) + **out = **in + } + if in.Oauth2PostResponseRequired != nil { + in, out := &in.Oauth2PostResponseRequired, &out.Oauth2PostResponseRequired + *out = new(bool) + **out = **in + } + if in.OptionalClaims != nil { + in, out := &in.OptionalClaims, &out.OptionalClaims + *out = make([]OptionalClaimsInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Owners != nil { + in, out := &in.Owners, &out.Owners + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.PreventDuplicateNames != nil { + in, out := &in.PreventDuplicateNames, &out.PreventDuplicateNames + *out = new(bool) + **out = **in + } + if in.PrivacyStatementURL != nil { + in, out := &in.PrivacyStatementURL, &out.PrivacyStatementURL + *out = new(string) + **out = **in + } + if in.PublicClient != nil { + in, out := &in.PublicClient, &out.PublicClient + *out = make([]PublicClientInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.RequiredResourceAccess != nil { + in, out := &in.RequiredResourceAccess, &out.RequiredResourceAccess + *out = make([]RequiredResourceAccessInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.ServiceManagementReference != nil { + in, out := &in.ServiceManagementReference, &out.ServiceManagementReference + *out = new(string) + **out = **in + } + if in.SignInAudience != nil { + in, out := &in.SignInAudience, &out.SignInAudience + *out = new(string) + **out = **in + } + if in.SinglePageApplication != nil { + in, out := &in.SinglePageApplication, &out.SinglePageApplication + *out = make([]SinglePageApplicationInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.SupportURL != nil { + in, out := &in.SupportURL, &out.SupportURL + *out = new(string) + **out = **in + } + if in.Tags != nil { + in, out := &in.Tags, &out.Tags + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.TemplateID != nil { + in, out := &in.TemplateID, &out.TemplateID + *out = new(string) + **out = **in + } + if in.TermsOfServiceURL != nil { + in, out := &in.TermsOfServiceURL, &out.TermsOfServiceURL + *out = new(string) + **out = **in + } + if in.Web != nil { + in, out := &in.Web, &out.Web + *out = make([]WebInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ApplicationInitParameters. +func (in *ApplicationInitParameters) DeepCopy() *ApplicationInitParameters { + if in == nil { + return nil + } + out := new(ApplicationInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ApplicationList) DeepCopyInto(out *ApplicationList) { *out = *in @@ -788,6 +1113,7 @@ func (in *ApplicationSpec) DeepCopyInto(out *ApplicationSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ApplicationSpec. @@ -844,6 +1170,51 @@ func (in *Certificate) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CertificateInitParameters) DeepCopyInto(out *CertificateInitParameters) { + *out = *in + if in.Encoding != nil { + in, out := &in.Encoding, &out.Encoding + *out = new(string) + **out = **in + } + if in.EndDate != nil { + in, out := &in.EndDate, &out.EndDate + *out = new(string) + **out = **in + } + if in.EndDateRelative != nil { + in, out := &in.EndDateRelative, &out.EndDateRelative + *out = new(string) + **out = **in + } + if in.KeyID != nil { + in, out := &in.KeyID, &out.KeyID + *out = new(string) + **out = **in + } + if in.StartDate != nil { + in, out := &in.StartDate, &out.StartDate + *out = new(string) + **out = **in + } + if in.Type != nil { + in, out := &in.Type, &out.Type + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateInitParameters. +func (in *CertificateInitParameters) DeepCopy() *CertificateInitParameters { + if in == nil { + return nil + } + out := new(CertificateInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *CertificateList) DeepCopyInto(out *CertificateList) { *out = *in @@ -997,6 +1368,7 @@ func (in *CertificateSpec) DeepCopyInto(out *CertificateSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateSpec. @@ -1026,6 +1398,41 @@ func (in *CertificateStatus) DeepCopy() *CertificateStatus { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *FeatureTagsInitParameters) DeepCopyInto(out *FeatureTagsInitParameters) { + *out = *in + if in.CustomSingleSignOn != nil { + in, out := &in.CustomSingleSignOn, &out.CustomSingleSignOn + *out = new(bool) + **out = **in + } + if in.Enterprise != nil { + in, out := &in.Enterprise, &out.Enterprise + *out = new(bool) + **out = **in + } + if in.Gallery != nil { + in, out := &in.Gallery, &out.Gallery + *out = new(bool) + **out = **in + } + if in.Hide != nil { + in, out := &in.Hide, &out.Hide + *out = new(bool) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FeatureTagsInitParameters. +func (in *FeatureTagsInitParameters) DeepCopy() *FeatureTagsInitParameters { + if in == nil { + return nil + } + out := new(FeatureTagsInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *FeatureTagsObservation) DeepCopyInto(out *FeatureTagsObservation) { *out = *in @@ -1123,6 +1530,52 @@ func (in *FederatedIdentityCredential) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *FederatedIdentityCredentialInitParameters) DeepCopyInto(out *FederatedIdentityCredentialInitParameters) { + *out = *in + if in.Audiences != nil { + in, out := &in.Audiences, &out.Audiences + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } + if in.DisplayName != nil { + in, out := &in.DisplayName, &out.DisplayName + *out = new(string) + **out = **in + } + if in.Issuer != nil { + in, out := &in.Issuer, &out.Issuer + *out = new(string) + **out = **in + } + if in.Subject != nil { + in, out := &in.Subject, &out.Subject + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FederatedIdentityCredentialInitParameters. +func (in *FederatedIdentityCredentialInitParameters) DeepCopy() *FederatedIdentityCredentialInitParameters { + if in == nil { + return nil + } + out := new(FederatedIdentityCredentialInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *FederatedIdentityCredentialList) DeepCopyInto(out *FederatedIdentityCredentialList) { *out = *in @@ -1282,6 +1735,7 @@ func (in *FederatedIdentityCredentialSpec) DeepCopyInto(out *FederatedIdentityCr *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FederatedIdentityCredentialSpec. @@ -1311,6 +1765,47 @@ func (in *FederatedIdentityCredentialStatus) DeepCopy() *FederatedIdentityCreden return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IDTokenInitParameters) DeepCopyInto(out *IDTokenInitParameters) { + *out = *in + if in.AdditionalProperties != nil { + in, out := &in.AdditionalProperties, &out.AdditionalProperties + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Essential != nil { + in, out := &in.Essential, &out.Essential + *out = new(bool) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Source != nil { + in, out := &in.Source, &out.Source + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IDTokenInitParameters. +func (in *IDTokenInitParameters) DeepCopy() *IDTokenInitParameters { + if in == nil { + return nil + } + out := new(IDTokenInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *IDTokenObservation) DeepCopyInto(out *IDTokenObservation) { *out = *in @@ -1393,6 +1888,31 @@ func (in *IDTokenParameters) DeepCopy() *IDTokenParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ImplicitGrantInitParameters) DeepCopyInto(out *ImplicitGrantInitParameters) { + *out = *in + if in.AccessTokenIssuanceEnabled != nil { + in, out := &in.AccessTokenIssuanceEnabled, &out.AccessTokenIssuanceEnabled + *out = new(bool) + **out = **in + } + if in.IDTokenIssuanceEnabled != nil { + in, out := &in.IDTokenIssuanceEnabled, &out.IDTokenIssuanceEnabled + *out = new(bool) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImplicitGrantInitParameters. +func (in *ImplicitGrantInitParameters) DeepCopy() *ImplicitGrantInitParameters { + if in == nil { + return nil + } + out := new(ImplicitGrantInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ImplicitGrantObservation) DeepCopyInto(out *ImplicitGrantObservation) { *out = *in @@ -1443,6 +1963,61 @@ func (in *ImplicitGrantParameters) DeepCopy() *ImplicitGrantParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Oauth2PermissionScopeInitParameters) DeepCopyInto(out *Oauth2PermissionScopeInitParameters) { + *out = *in + if in.AdminConsentDescription != nil { + in, out := &in.AdminConsentDescription, &out.AdminConsentDescription + *out = new(string) + **out = **in + } + if in.AdminConsentDisplayName != nil { + in, out := &in.AdminConsentDisplayName, &out.AdminConsentDisplayName + *out = new(string) + **out = **in + } + if in.Enabled != nil { + in, out := &in.Enabled, &out.Enabled + *out = new(bool) + **out = **in + } + if in.ID != nil { + in, out := &in.ID, &out.ID + *out = new(string) + **out = **in + } + if in.Type != nil { + in, out := &in.Type, &out.Type + *out = new(string) + **out = **in + } + if in.UserConsentDescription != nil { + in, out := &in.UserConsentDescription, &out.UserConsentDescription + *out = new(string) + **out = **in + } + if in.UserConsentDisplayName != nil { + in, out := &in.UserConsentDisplayName, &out.UserConsentDisplayName + *out = new(string) + **out = **in + } + if in.Value != nil { + in, out := &in.Value, &out.Value + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Oauth2PermissionScopeInitParameters. +func (in *Oauth2PermissionScopeInitParameters) DeepCopy() *Oauth2PermissionScopeInitParameters { + if in == nil { + return nil + } + out := new(Oauth2PermissionScopeInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Oauth2PermissionScopeObservation) DeepCopyInto(out *Oauth2PermissionScopeObservation) { *out = *in @@ -1531,24 +2106,60 @@ func (in *Oauth2PermissionScopeParameters) DeepCopyInto(out *Oauth2PermissionSco *out = new(string) **out = **in } - if in.UserConsentDisplayName != nil { - in, out := &in.UserConsentDisplayName, &out.UserConsentDisplayName - *out = new(string) - **out = **in + if in.UserConsentDisplayName != nil { + in, out := &in.UserConsentDisplayName, &out.UserConsentDisplayName + *out = new(string) + **out = **in + } + if in.Value != nil { + in, out := &in.Value, &out.Value + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Oauth2PermissionScopeParameters. +func (in *Oauth2PermissionScopeParameters) DeepCopy() *Oauth2PermissionScopeParameters { + if in == nil { + return nil + } + out := new(Oauth2PermissionScopeParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OptionalClaimsInitParameters) DeepCopyInto(out *OptionalClaimsInitParameters) { + *out = *in + if in.AccessToken != nil { + in, out := &in.AccessToken, &out.AccessToken + *out = make([]AccessTokenInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.IDToken != nil { + in, out := &in.IDToken, &out.IDToken + *out = make([]IDTokenInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } } - if in.Value != nil { - in, out := &in.Value, &out.Value - *out = new(string) - **out = **in + if in.Saml2Token != nil { + in, out := &in.Saml2Token, &out.Saml2Token + *out = make([]Saml2TokenInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Oauth2PermissionScopeParameters. -func (in *Oauth2PermissionScopeParameters) DeepCopy() *Oauth2PermissionScopeParameters { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OptionalClaimsInitParameters. +func (in *OptionalClaimsInitParameters) DeepCopy() *OptionalClaimsInitParameters { if in == nil { return nil } - out := new(Oauth2PermissionScopeParameters) + out := new(OptionalClaimsInitParameters) in.DeepCopyInto(out) return out } @@ -1652,6 +2263,56 @@ func (in *Password) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PasswordInitParameters) DeepCopyInto(out *PasswordInitParameters) { + *out = *in + if in.DisplayName != nil { + in, out := &in.DisplayName, &out.DisplayName + *out = new(string) + **out = **in + } + if in.EndDate != nil { + in, out := &in.EndDate, &out.EndDate + *out = new(string) + **out = **in + } + if in.EndDateRelative != nil { + in, out := &in.EndDateRelative, &out.EndDateRelative + *out = new(string) + **out = **in + } + if in.RotateWhenChanged != nil { + in, out := &in.RotateWhenChanged, &out.RotateWhenChanged + *out = make(map[string]*string, len(*in)) + for key, val := range *in { + var outVal *string + if val == nil { + (*out)[key] = nil + } else { + in, out := &val, &outVal + *out = new(string) + **out = **in + } + (*out)[key] = outVal + } + } + if in.StartDate != nil { + in, out := &in.StartDate, &out.StartDate + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PasswordInitParameters. +func (in *PasswordInitParameters) DeepCopy() *PasswordInitParameters { + if in == nil { + return nil + } + out := new(PasswordInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *PasswordList) DeepCopyInto(out *PasswordList) { *out = *in @@ -1819,6 +2480,7 @@ func (in *PasswordSpec) DeepCopyInto(out *PasswordSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PasswordSpec. @@ -1875,6 +2537,32 @@ func (in *PreAuthorized) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PreAuthorizedInitParameters) DeepCopyInto(out *PreAuthorizedInitParameters) { + *out = *in + if in.PermissionIds != nil { + in, out := &in.PermissionIds, &out.PermissionIds + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PreAuthorizedInitParameters. +func (in *PreAuthorizedInitParameters) DeepCopy() *PreAuthorizedInitParameters { + if in == nil { + return nil + } + out := new(PreAuthorizedInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *PreAuthorizedList) DeepCopyInto(out *PreAuthorizedList) { *out = *in @@ -2009,6 +2697,7 @@ func (in *PreAuthorizedSpec) DeepCopyInto(out *PreAuthorizedSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PreAuthorizedSpec. @@ -2038,6 +2727,32 @@ func (in *PreAuthorizedStatus) DeepCopy() *PreAuthorizedStatus { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PublicClientInitParameters) DeepCopyInto(out *PublicClientInitParameters) { + *out = *in + if in.RedirectUris != nil { + in, out := &in.RedirectUris, &out.RedirectUris + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PublicClientInitParameters. +func (in *PublicClientInitParameters) DeepCopy() *PublicClientInitParameters { + if in == nil { + return nil + } + out := new(PublicClientInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *PublicClientObservation) DeepCopyInto(out *PublicClientObservation) { *out = *in @@ -2090,6 +2805,33 @@ func (in *PublicClientParameters) DeepCopy() *PublicClientParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RequiredResourceAccessInitParameters) DeepCopyInto(out *RequiredResourceAccessInitParameters) { + *out = *in + if in.ResourceAccess != nil { + in, out := &in.ResourceAccess, &out.ResourceAccess + *out = make([]ResourceAccessInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.ResourceAppID != nil { + in, out := &in.ResourceAppID, &out.ResourceAppID + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RequiredResourceAccessInitParameters. +func (in *RequiredResourceAccessInitParameters) DeepCopy() *RequiredResourceAccessInitParameters { + if in == nil { + return nil + } + out := new(RequiredResourceAccessInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *RequiredResourceAccessObservation) DeepCopyInto(out *RequiredResourceAccessObservation) { *out = *in @@ -2144,6 +2886,31 @@ func (in *RequiredResourceAccessParameters) DeepCopy() *RequiredResourceAccessPa return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ResourceAccessInitParameters) DeepCopyInto(out *ResourceAccessInitParameters) { + *out = *in + if in.ID != nil { + in, out := &in.ID, &out.ID + *out = new(string) + **out = **in + } + if in.Type != nil { + in, out := &in.Type, &out.Type + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResourceAccessInitParameters. +func (in *ResourceAccessInitParameters) DeepCopy() *ResourceAccessInitParameters { + if in == nil { + return nil + } + out := new(ResourceAccessInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ResourceAccessObservation) DeepCopyInto(out *ResourceAccessObservation) { *out = *in @@ -2194,6 +2961,47 @@ func (in *ResourceAccessParameters) DeepCopy() *ResourceAccessParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Saml2TokenInitParameters) DeepCopyInto(out *Saml2TokenInitParameters) { + *out = *in + if in.AdditionalProperties != nil { + in, out := &in.AdditionalProperties, &out.AdditionalProperties + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Essential != nil { + in, out := &in.Essential, &out.Essential + *out = new(bool) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Source != nil { + in, out := &in.Source, &out.Source + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Saml2TokenInitParameters. +func (in *Saml2TokenInitParameters) DeepCopy() *Saml2TokenInitParameters { + if in == nil { + return nil + } + out := new(Saml2TokenInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Saml2TokenObservation) DeepCopyInto(out *Saml2TokenObservation) { *out = *in @@ -2276,6 +3084,32 @@ func (in *Saml2TokenParameters) DeepCopy() *Saml2TokenParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SinglePageApplicationInitParameters) DeepCopyInto(out *SinglePageApplicationInitParameters) { + *out = *in + if in.RedirectUris != nil { + in, out := &in.RedirectUris, &out.RedirectUris + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SinglePageApplicationInitParameters. +func (in *SinglePageApplicationInitParameters) DeepCopy() *SinglePageApplicationInitParameters { + if in == nil { + return nil + } + out := new(SinglePageApplicationInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *SinglePageApplicationObservation) DeepCopyInto(out *SinglePageApplicationObservation) { *out = *in @@ -2328,6 +3162,49 @@ func (in *SinglePageApplicationParameters) DeepCopy() *SinglePageApplicationPara return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *WebInitParameters) DeepCopyInto(out *WebInitParameters) { + *out = *in + if in.HomepageURL != nil { + in, out := &in.HomepageURL, &out.HomepageURL + *out = new(string) + **out = **in + } + if in.ImplicitGrant != nil { + in, out := &in.ImplicitGrant, &out.ImplicitGrant + *out = make([]ImplicitGrantInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.LogoutURL != nil { + in, out := &in.LogoutURL, &out.LogoutURL + *out = new(string) + **out = **in + } + if in.RedirectUris != nil { + in, out := &in.RedirectUris, &out.RedirectUris + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebInitParameters. +func (in *WebInitParameters) DeepCopy() *WebInitParameters { + if in == nil { + return nil + } + out := new(WebInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *WebObservation) DeepCopyInto(out *WebObservation) { *out = *in diff --git a/apis/applications/v1beta1/zz_generated.managed.go b/apis/applications/v1beta1/zz_generated.managed.go index ce6c2edf..5a756da4 100644 --- a/apis/applications/v1beta1/zz_generated.managed.go +++ b/apis/applications/v1beta1/zz_generated.managed.go @@ -17,9 +17,9 @@ func (mg *Application) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } -// GetManagementPolicy of this Application. -func (mg *Application) GetManagementPolicy() xpv1.ManagementPolicy { - return mg.Spec.ManagementPolicy +// GetManagementPolicies of this Application. +func (mg *Application) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies } // GetProviderConfigReference of this Application. @@ -55,9 +55,9 @@ func (mg *Application) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } -// SetManagementPolicy of this Application. -func (mg *Application) SetManagementPolicy(r xpv1.ManagementPolicy) { - mg.Spec.ManagementPolicy = r +// SetManagementPolicies of this Application. +func (mg *Application) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r } // SetProviderConfigReference of this Application. @@ -93,9 +93,9 @@ func (mg *Certificate) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } -// GetManagementPolicy of this Certificate. -func (mg *Certificate) GetManagementPolicy() xpv1.ManagementPolicy { - return mg.Spec.ManagementPolicy +// GetManagementPolicies of this Certificate. +func (mg *Certificate) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies } // GetProviderConfigReference of this Certificate. @@ -131,9 +131,9 @@ func (mg *Certificate) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } -// SetManagementPolicy of this Certificate. -func (mg *Certificate) SetManagementPolicy(r xpv1.ManagementPolicy) { - mg.Spec.ManagementPolicy = r +// SetManagementPolicies of this Certificate. +func (mg *Certificate) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r } // SetProviderConfigReference of this Certificate. @@ -169,9 +169,9 @@ func (mg *FederatedIdentityCredential) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } -// GetManagementPolicy of this FederatedIdentityCredential. -func (mg *FederatedIdentityCredential) GetManagementPolicy() xpv1.ManagementPolicy { - return mg.Spec.ManagementPolicy +// GetManagementPolicies of this FederatedIdentityCredential. +func (mg *FederatedIdentityCredential) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies } // GetProviderConfigReference of this FederatedIdentityCredential. @@ -207,9 +207,9 @@ func (mg *FederatedIdentityCredential) SetDeletionPolicy(r xpv1.DeletionPolicy) mg.Spec.DeletionPolicy = r } -// SetManagementPolicy of this FederatedIdentityCredential. -func (mg *FederatedIdentityCredential) SetManagementPolicy(r xpv1.ManagementPolicy) { - mg.Spec.ManagementPolicy = r +// SetManagementPolicies of this FederatedIdentityCredential. +func (mg *FederatedIdentityCredential) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r } // SetProviderConfigReference of this FederatedIdentityCredential. @@ -245,9 +245,9 @@ func (mg *Password) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } -// GetManagementPolicy of this Password. -func (mg *Password) GetManagementPolicy() xpv1.ManagementPolicy { - return mg.Spec.ManagementPolicy +// GetManagementPolicies of this Password. +func (mg *Password) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies } // GetProviderConfigReference of this Password. @@ -283,9 +283,9 @@ func (mg *Password) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } -// SetManagementPolicy of this Password. -func (mg *Password) SetManagementPolicy(r xpv1.ManagementPolicy) { - mg.Spec.ManagementPolicy = r +// SetManagementPolicies of this Password. +func (mg *Password) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r } // SetProviderConfigReference of this Password. @@ -321,9 +321,9 @@ func (mg *PreAuthorized) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } -// GetManagementPolicy of this PreAuthorized. -func (mg *PreAuthorized) GetManagementPolicy() xpv1.ManagementPolicy { - return mg.Spec.ManagementPolicy +// GetManagementPolicies of this PreAuthorized. +func (mg *PreAuthorized) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies } // GetProviderConfigReference of this PreAuthorized. @@ -359,9 +359,9 @@ func (mg *PreAuthorized) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } -// SetManagementPolicy of this PreAuthorized. -func (mg *PreAuthorized) SetManagementPolicy(r xpv1.ManagementPolicy) { - mg.Spec.ManagementPolicy = r +// SetManagementPolicies of this PreAuthorized. +func (mg *PreAuthorized) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r } // SetProviderConfigReference of this PreAuthorized. diff --git a/apis/applications/v1beta1/zz_generated_terraformed.go b/apis/applications/v1beta1/zz_generated_terraformed.go index a75444b0..3646757c 100755 --- a/apis/applications/v1beta1/zz_generated_terraformed.go +++ b/apis/applications/v1beta1/zz_generated_terraformed.go @@ -69,6 +69,16 @@ func (tr *Application) SetParameters(params map[string]any) error { return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) } +// GetInitParameters of this Application +func (tr *Application) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + // LateInitialize this Application using its observed tfState. // returns True if there are any spec changes for the resource. func (tr *Application) LateInitialize(attrs []byte) (bool, error) { @@ -144,6 +154,16 @@ func (tr *Certificate) SetParameters(params map[string]any) error { return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) } +// GetInitParameters of this Certificate +func (tr *Certificate) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + // LateInitialize this Certificate using its observed tfState. // returns True if there are any spec changes for the resource. func (tr *Certificate) LateInitialize(attrs []byte) (bool, error) { @@ -218,6 +238,16 @@ func (tr *FederatedIdentityCredential) SetParameters(params map[string]any) erro return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) } +// GetInitParameters of this FederatedIdentityCredential +func (tr *FederatedIdentityCredential) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + // LateInitialize this FederatedIdentityCredential using its observed tfState. // returns True if there are any spec changes for the resource. func (tr *FederatedIdentityCredential) LateInitialize(attrs []byte) (bool, error) { @@ -292,6 +322,16 @@ func (tr *Password) SetParameters(params map[string]any) error { return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) } +// GetInitParameters of this Password +func (tr *Password) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + // LateInitialize this Password using its observed tfState. // returns True if there are any spec changes for the resource. func (tr *Password) LateInitialize(attrs []byte) (bool, error) { @@ -366,6 +406,16 @@ func (tr *PreAuthorized) SetParameters(params map[string]any) error { return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) } +// GetInitParameters of this PreAuthorized +func (tr *PreAuthorized) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + // LateInitialize this PreAuthorized using its observed tfState. // returns True if there are any spec changes for the resource. func (tr *PreAuthorized) LateInitialize(attrs []byte) (bool, error) { diff --git a/apis/applications/v1beta1/zz_password_types.go b/apis/applications/v1beta1/zz_password_types.go index a76a2dcb..55f96c7e 100755 --- a/apis/applications/v1beta1/zz_password_types.go +++ b/apis/applications/v1beta1/zz_password_types.go @@ -13,6 +13,29 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type PasswordInitParameters struct { + + // A display name for the password. Changing this field forces a new resource to be created. + // A display name for the password + DisplayName *string `json:"displayName,omitempty" tf:"display_name,omitempty"` + + // The end date until which the password is valid, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z). Changing this field forces a new resource to be created. + // The end date until which the password is valid, formatted as an RFC3339 date string (e.g. `2018-01-01T01:02:03Z`) + EndDate *string `json:"endDate,omitempty" tf:"end_date,omitempty"` + + // A relative duration for which the password is valid until, for example 240h (10 days) or 2400h30m. Changing this field forces a new resource to be created. + // A relative duration for which the password is valid until, for example `240h` (10 days) or `2400h30m`. Changing this field forces a new resource to be created + EndDateRelative *string `json:"endDateRelative,omitempty" tf:"end_date_relative,omitempty"` + + // A map of arbitrary key/value pairs that will force recreation of the password when they change, enabling password rotation based on external conditions such as a rotating timestamp. Changing this forces a new resource to be created. + // Arbitrary map of values that, when changed, will trigger rotation of the password + RotateWhenChanged map[string]*string `json:"rotateWhenChanged,omitempty" tf:"rotate_when_changed,omitempty"` + + // The start date from which the password is valid, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z). If this isn't specified, the current date is used. Changing this field forces a new resource to be created. + // The start date from which the password is valid, formatted as an RFC3339 date string (e.g. `2018-01-01T01:02:03Z`). If this isn't specified, the current date is used + StartDate *string `json:"startDate,omitempty" tf:"start_date,omitempty"` +} + type PasswordObservation struct { // The object ID of the application for which this password should be created. Changing this field forces a new resource to be created. @@ -92,6 +115,18 @@ type PasswordParameters struct { type PasswordSpec struct { v1.ResourceSpec `json:",inline"` ForProvider PasswordParameters `json:"forProvider"` + // THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored + // unless the relevant Crossplane feature flag is enabled, and may be + // changed or removed without notice. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider PasswordInitParameters `json:"initProvider,omitempty"` } // PasswordStatus defines the observed state of Password. diff --git a/apis/applications/v1beta1/zz_preauthorized_types.go b/apis/applications/v1beta1/zz_preauthorized_types.go index 5fd5a40b..5275d2a6 100755 --- a/apis/applications/v1beta1/zz_preauthorized_types.go +++ b/apis/applications/v1beta1/zz_preauthorized_types.go @@ -13,6 +13,13 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type PreAuthorizedInitParameters struct { + + // A set of permission scope IDs required by the authorized application. + // The IDs of the permission scopes required by the pre-authorized application + PermissionIds []*string `json:"permissionIds,omitempty" tf:"permission_ids,omitempty"` +} + type PreAuthorizedObservation struct { // The object ID of the application for which permissions are being authorized. Changing this field forces a new resource to be created. @@ -69,6 +76,18 @@ type PreAuthorizedParameters struct { type PreAuthorizedSpec struct { v1.ResourceSpec `json:",inline"` ForProvider PreAuthorizedParameters `json:"forProvider"` + // THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored + // unless the relevant Crossplane feature flag is enabled, and may be + // changed or removed without notice. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider PreAuthorizedInitParameters `json:"initProvider,omitempty"` } // PreAuthorizedStatus defines the observed state of PreAuthorized. @@ -89,7 +108,7 @@ type PreAuthorizedStatus struct { type PreAuthorized struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - // +kubebuilder:validation:XValidation:rule="self.managementPolicy == 'ObserveOnly' || has(self.forProvider.permissionIds)",message="permissionIds is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.permissionIds) || has(self.initProvider.permissionIds)",message="permissionIds is a required parameter" Spec PreAuthorizedSpec `json:"spec"` Status PreAuthorizedStatus `json:"status,omitempty"` } diff --git a/apis/conditionalaccess/v1beta1/zz_accesspolicy_types.go b/apis/conditionalaccess/v1beta1/zz_accesspolicy_types.go index 5c566a03..8f99a479 100755 --- a/apis/conditionalaccess/v1beta1/zz_accesspolicy_types.go +++ b/apis/conditionalaccess/v1beta1/zz_accesspolicy_types.go @@ -13,6 +13,24 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type AccessPolicyInitParameters struct { + + // A conditions block as documented below, which specifies the rules that must be met for the policy to apply. + Conditions []ConditionsInitParameters `json:"conditions,omitempty" tf:"conditions,omitempty"` + + // The friendly name for this Conditional Access Policy. + DisplayName *string `json:"displayName,omitempty" tf:"display_name,omitempty"` + + // A grant_controls block as documented below, which specifies the grant controls that must be fulfilled to pass the policy. + GrantControls []GrantControlsInitParameters `json:"grantControls,omitempty" tf:"grant_controls,omitempty"` + + // A session_controls block as documented below, which specifies the session controls that are enforced after sign-in. + SessionControls []SessionControlsInitParameters `json:"sessionControls,omitempty" tf:"session_controls,omitempty"` + + // Specifies the state of the policy object. Possible values are: enabled, disabled and enabledForReportingButNotEnforced + State *string `json:"state,omitempty" tf:"state,omitempty"` +} + type AccessPolicyObservation struct { // A conditions block as documented below, which specifies the rules that must be met for the policy to apply. @@ -57,6 +75,18 @@ type AccessPolicyParameters struct { State *string `json:"state,omitempty" tf:"state,omitempty"` } +type ApplicationsInitParameters struct { + + // A list of application IDs explicitly excluded from the policy. Can also be set to Office365. + ExcludedApplications []*string `json:"excludedApplications,omitempty" tf:"excluded_applications,omitempty"` + + // A list of application IDs the policy applies to, unless explicitly excluded (in excluded_applications). Can also be set to All, None or Office365. Cannot be specified with included_user_actions. One of included_applications or included_user_actions must be specified. + IncludedApplications []*string `json:"includedApplications,omitempty" tf:"included_applications,omitempty"` + + // A list of user actions to include. Supported values are urn:user:registerdevice and urn:user:registersecurityinfo. Cannot be specified with included_applications. One of included_applications or included_user_actions must be specified. + IncludedUserActions []*string `json:"includedUserActions,omitempty" tf:"included_user_actions,omitempty"` +} + type ApplicationsObservation struct { // A list of application IDs explicitly excluded from the policy. Can also be set to Office365. @@ -84,6 +114,33 @@ type ApplicationsParameters struct { IncludedUserActions []*string `json:"includedUserActions,omitempty" tf:"included_user_actions,omitempty"` } +type ConditionsInitParameters struct { + + // An applications block as documented below, which specifies applications and user actions included in and excluded from the policy. + Applications []ApplicationsInitParameters `json:"applications,omitempty" tf:"applications,omitempty"` + + // A list of client application types included in the policy. Possible values are: all, browser, mobileAppsAndDesktopClients, exchangeActiveSync, easSupported and other. + ClientAppTypes []*string `json:"clientAppTypes,omitempty" tf:"client_app_types,omitempty"` + + // A devices block as documented below, which describes devices to be included in and excluded from the policy. A devices block can be added to an existing policy, but removing the devices block forces a new resource to be created. + Devices []DevicesInitParameters `json:"devices,omitempty" tf:"devices,omitempty"` + + // A locations block as documented below, which specifies locations included in and excluded from the policy. + Locations []LocationsInitParameters `json:"locations,omitempty" tf:"locations,omitempty"` + + // A platforms block as documented below, which specifies platforms included in and excluded from the policy. + Platforms []PlatformsInitParameters `json:"platforms,omitempty" tf:"platforms,omitempty"` + + // A list of sign-in risk levels included in the policy. Possible values are: low, medium, high, hidden, none, unknownFutureValue. + SignInRiskLevels []*string `json:"signInRiskLevels,omitempty" tf:"sign_in_risk_levels,omitempty"` + + // A list of user risk levels included in the policy. Possible values are: low, medium, high, hidden, none, unknownFutureValue. + UserRiskLevels []*string `json:"userRiskLevels,omitempty" tf:"user_risk_levels,omitempty"` + + // A users block as documented below, which specifies users, groups, and roles included in and excluded from the policy. + Users []UsersInitParameters `json:"users,omitempty" tf:"users,omitempty"` +} + type ConditionsObservation struct { // An applications block as documented below, which specifies applications and user actions included in and excluded from the policy. @@ -114,12 +171,12 @@ type ConditionsObservation struct { type ConditionsParameters struct { // An applications block as documented below, which specifies applications and user actions included in and excluded from the policy. - // +kubebuilder:validation:Required - Applications []ApplicationsParameters `json:"applications" tf:"applications,omitempty"` + // +kubebuilder:validation:Optional + Applications []ApplicationsParameters `json:"applications,omitempty" tf:"applications,omitempty"` // A list of client application types included in the policy. Possible values are: all, browser, mobileAppsAndDesktopClients, exchangeActiveSync, easSupported and other. - // +kubebuilder:validation:Required - ClientAppTypes []*string `json:"clientAppTypes" tf:"client_app_types,omitempty"` + // +kubebuilder:validation:Optional + ClientAppTypes []*string `json:"clientAppTypes,omitempty" tf:"client_app_types,omitempty"` // A devices block as documented below, which describes devices to be included in and excluded from the policy. A devices block can be added to an existing policy, but removing the devices block forces a new resource to be created. // +kubebuilder:validation:Optional @@ -142,8 +199,14 @@ type ConditionsParameters struct { UserRiskLevels []*string `json:"userRiskLevels,omitempty" tf:"user_risk_levels,omitempty"` // A users block as documented below, which specifies users, groups, and roles included in and excluded from the policy. - // +kubebuilder:validation:Required - Users []UsersParameters `json:"users" tf:"users,omitempty"` + // +kubebuilder:validation:Optional + Users []UsersParameters `json:"users,omitempty" tf:"users,omitempty"` +} + +type DevicesInitParameters struct { + + // A filter block as described below. A filter block can be added to an existing policy, but removing the filter block forces a new resource to be created. + Filter []FilterInitParameters `json:"filter,omitempty" tf:"filter,omitempty"` } type DevicesObservation struct { @@ -159,6 +222,15 @@ type DevicesParameters struct { Filter []FilterParameters `json:"filter,omitempty" tf:"filter,omitempty"` } +type FilterInitParameters struct { + + // Whether to include in, or exclude from, matching devices from the policy. Supported values are include or exclude. + Mode *string `json:"mode,omitempty" tf:"mode,omitempty"` + + // Condition filter to match devices. For more information, see official documentation. + Rule *string `json:"rule,omitempty" tf:"rule,omitempty"` +} + type FilterObservation struct { // Whether to include in, or exclude from, matching devices from the policy. Supported values are include or exclude. @@ -171,12 +243,27 @@ type FilterObservation struct { type FilterParameters struct { // Whether to include in, or exclude from, matching devices from the policy. Supported values are include or exclude. - // +kubebuilder:validation:Required - Mode *string `json:"mode" tf:"mode,omitempty"` + // +kubebuilder:validation:Optional + Mode *string `json:"mode,omitempty" tf:"mode,omitempty"` // Condition filter to match devices. For more information, see official documentation. - // +kubebuilder:validation:Required - Rule *string `json:"rule" tf:"rule,omitempty"` + // +kubebuilder:validation:Optional + Rule *string `json:"rule,omitempty" tf:"rule,omitempty"` +} + +type GrantControlsInitParameters struct { + + // List of built-in controls required by the policy. Possible values are: block, mfa, approvedApplication, compliantApplication, compliantDevice, domainJoinedDevice, passwordChange or unknownFutureValue. + BuiltInControls []*string `json:"builtInControls,omitempty" tf:"built_in_controls,omitempty"` + + // List of custom controls IDs required by the policy. + CustomAuthenticationFactors []*string `json:"customAuthenticationFactors,omitempty" tf:"custom_authentication_factors,omitempty"` + + // Defines the relationship of the grant controls. Possible values are: AND, OR. + Operator *string `json:"operator,omitempty" tf:"operator,omitempty"` + + // List of terms of use IDs required by the policy. + TermsOfUse []*string `json:"termsOfUse,omitempty" tf:"terms_of_use,omitempty"` } type GrantControlsObservation struct { @@ -197,22 +284,31 @@ type GrantControlsObservation struct { type GrantControlsParameters struct { // List of built-in controls required by the policy. Possible values are: block, mfa, approvedApplication, compliantApplication, compliantDevice, domainJoinedDevice, passwordChange or unknownFutureValue. - // +kubebuilder:validation:Required - BuiltInControls []*string `json:"builtInControls" tf:"built_in_controls,omitempty"` + // +kubebuilder:validation:Optional + BuiltInControls []*string `json:"builtInControls,omitempty" tf:"built_in_controls,omitempty"` // List of custom controls IDs required by the policy. // +kubebuilder:validation:Optional CustomAuthenticationFactors []*string `json:"customAuthenticationFactors,omitempty" tf:"custom_authentication_factors,omitempty"` // Defines the relationship of the grant controls. Possible values are: AND, OR. - // +kubebuilder:validation:Required - Operator *string `json:"operator" tf:"operator,omitempty"` + // +kubebuilder:validation:Optional + Operator *string `json:"operator,omitempty" tf:"operator,omitempty"` // List of terms of use IDs required by the policy. // +kubebuilder:validation:Optional TermsOfUse []*string `json:"termsOfUse,omitempty" tf:"terms_of_use,omitempty"` } +type LocationsInitParameters struct { + + // A list of location IDs excluded from scope of policy. Can also be set to AllTrusted. + ExcludedLocations []*string `json:"excludedLocations,omitempty" tf:"excluded_locations,omitempty"` + + // A list of location IDs in scope of policy unless explicitly excluded. Can also be set to All, or AllTrusted. + IncludedLocations []*string `json:"includedLocations,omitempty" tf:"included_locations,omitempty"` +} + type LocationsObservation struct { // A list of location IDs excluded from scope of policy. Can also be set to AllTrusted. @@ -229,8 +325,17 @@ type LocationsParameters struct { ExcludedLocations []*string `json:"excludedLocations,omitempty" tf:"excluded_locations,omitempty"` // A list of location IDs in scope of policy unless explicitly excluded. Can also be set to All, or AllTrusted. - // +kubebuilder:validation:Required - IncludedLocations []*string `json:"includedLocations" tf:"included_locations,omitempty"` + // +kubebuilder:validation:Optional + IncludedLocations []*string `json:"includedLocations,omitempty" tf:"included_locations,omitempty"` +} + +type PlatformsInitParameters struct { + + // A list of platforms explicitly excluded from the policy. Possible values are: all, android, iOS, linux, macOS, windows, windowsPhone or unknownFutureValue. + ExcludedPlatforms []*string `json:"excludedPlatforms,omitempty" tf:"excluded_platforms,omitempty"` + + // A list of platforms the policy applies to, unless explicitly excluded. Possible values are: all, android, iOS, linux, macOS, windows, windowsPhone or unknownFutureValue. + IncludedPlatforms []*string `json:"includedPlatforms,omitempty" tf:"included_platforms,omitempty"` } type PlatformsObservation struct { @@ -249,8 +354,26 @@ type PlatformsParameters struct { ExcludedPlatforms []*string `json:"excludedPlatforms,omitempty" tf:"excluded_platforms,omitempty"` // A list of platforms the policy applies to, unless explicitly excluded. Possible values are: all, android, iOS, linux, macOS, windows, windowsPhone or unknownFutureValue. - // +kubebuilder:validation:Required - IncludedPlatforms []*string `json:"includedPlatforms" tf:"included_platforms,omitempty"` + // +kubebuilder:validation:Optional + IncludedPlatforms []*string `json:"includedPlatforms,omitempty" tf:"included_platforms,omitempty"` +} + +type SessionControlsInitParameters struct { + + // Whether or not application enforced restrictions are enabled. Defaults to false. + ApplicationEnforcedRestrictionsEnabled *bool `json:"applicationEnforcedRestrictionsEnabled,omitempty" tf:"application_enforced_restrictions_enabled,omitempty"` + + // Enables cloud app security and specifies the cloud app security policy to use. Possible values are: blockDownloads, mcasConfigured, monitorOnly or unknownFutureValue. + CloudAppSecurityPolicy *string `json:"cloudAppSecurityPolicy,omitempty" tf:"cloud_app_security_policy,omitempty"` + + // Session control to define whether to persist cookies or not. Possible values are: always or never. + PersistentBrowserMode *string `json:"persistentBrowserMode,omitempty" tf:"persistent_browser_mode,omitempty"` + + // Number of days or hours to enforce sign-in frequency. Required when sign_in_frequency_period is specified. Due to an API issue, removing this property forces a new resource to be created. + SignInFrequency *float64 `json:"signInFrequency,omitempty" tf:"sign_in_frequency,omitempty"` + + // The time period to enforce sign-in frequency. Possible values are: hours or days. Required when sign_in_frequency_period is specified. Due to an API issue, removing this property forces a new resource to be created. + SignInFrequencyPeriod *string `json:"signInFrequencyPeriod,omitempty" tf:"sign_in_frequency_period,omitempty"` } type SessionControlsObservation struct { @@ -294,6 +417,27 @@ type SessionControlsParameters struct { SignInFrequencyPeriod *string `json:"signInFrequencyPeriod,omitempty" tf:"sign_in_frequency_period,omitempty"` } +type UsersInitParameters struct { + + // A list of group IDs excluded from scope of policy. + ExcludedGroups []*string `json:"excludedGroups,omitempty" tf:"excluded_groups,omitempty"` + + // A list of role IDs excluded from scope of policy. + ExcludedRoles []*string `json:"excludedRoles,omitempty" tf:"excluded_roles,omitempty"` + + // A list of user IDs excluded from scope of policy and/or GuestsOrExternalUsers. + ExcludedUsers []*string `json:"excludedUsers,omitempty" tf:"excluded_users,omitempty"` + + // A list of group IDs in scope of policy unless explicitly excluded. + IncludedGroups []*string `json:"includedGroups,omitempty" tf:"included_groups,omitempty"` + + // A list of role IDs in scope of policy unless explicitly excluded. + IncludedRoles []*string `json:"includedRoles,omitempty" tf:"included_roles,omitempty"` + + // A list of user IDs in scope of policy unless explicitly excluded, or None or All or GuestsOrExternalUsers. + IncludedUsers []*string `json:"includedUsers,omitempty" tf:"included_users,omitempty"` +} + type UsersObservation struct { // A list of group IDs excluded from scope of policy. @@ -346,6 +490,18 @@ type UsersParameters struct { type AccessPolicySpec struct { v1.ResourceSpec `json:",inline"` ForProvider AccessPolicyParameters `json:"forProvider"` + // THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored + // unless the relevant Crossplane feature flag is enabled, and may be + // changed or removed without notice. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider AccessPolicyInitParameters `json:"initProvider,omitempty"` } // AccessPolicyStatus defines the observed state of AccessPolicy. @@ -366,10 +522,10 @@ type AccessPolicyStatus struct { type AccessPolicy struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - // +kubebuilder:validation:XValidation:rule="self.managementPolicy == 'ObserveOnly' || has(self.forProvider.conditions)",message="conditions is a required parameter" - // +kubebuilder:validation:XValidation:rule="self.managementPolicy == 'ObserveOnly' || has(self.forProvider.displayName)",message="displayName is a required parameter" - // +kubebuilder:validation:XValidation:rule="self.managementPolicy == 'ObserveOnly' || has(self.forProvider.grantControls)",message="grantControls is a required parameter" - // +kubebuilder:validation:XValidation:rule="self.managementPolicy == 'ObserveOnly' || has(self.forProvider.state)",message="state is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.conditions) || has(self.initProvider.conditions)",message="conditions is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.displayName) || has(self.initProvider.displayName)",message="displayName is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.grantControls) || has(self.initProvider.grantControls)",message="grantControls is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.state) || has(self.initProvider.state)",message="state is a required parameter" Spec AccessPolicySpec `json:"spec"` Status AccessPolicyStatus `json:"status,omitempty"` } diff --git a/apis/conditionalaccess/v1beta1/zz_generated.deepcopy.go b/apis/conditionalaccess/v1beta1/zz_generated.deepcopy.go index 8d82415b..c6324e98 100644 --- a/apis/conditionalaccess/v1beta1/zz_generated.deepcopy.go +++ b/apis/conditionalaccess/v1beta1/zz_generated.deepcopy.go @@ -40,6 +40,52 @@ func (in *AccessPolicy) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AccessPolicyInitParameters) DeepCopyInto(out *AccessPolicyInitParameters) { + *out = *in + if in.Conditions != nil { + in, out := &in.Conditions, &out.Conditions + *out = make([]ConditionsInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.DisplayName != nil { + in, out := &in.DisplayName, &out.DisplayName + *out = new(string) + **out = **in + } + if in.GrantControls != nil { + in, out := &in.GrantControls, &out.GrantControls + *out = make([]GrantControlsInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.SessionControls != nil { + in, out := &in.SessionControls, &out.SessionControls + *out = make([]SessionControlsInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.State != nil { + in, out := &in.State, &out.State + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AccessPolicyInitParameters. +func (in *AccessPolicyInitParameters) DeepCopy() *AccessPolicyInitParameters { + if in == nil { + return nil + } + out := new(AccessPolicyInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *AccessPolicyList) DeepCopyInto(out *AccessPolicyList) { *out = *in @@ -174,6 +220,7 @@ func (in *AccessPolicySpec) DeepCopyInto(out *AccessPolicySpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AccessPolicySpec. @@ -203,6 +250,54 @@ func (in *AccessPolicyStatus) DeepCopy() *AccessPolicyStatus { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ApplicationsInitParameters) DeepCopyInto(out *ApplicationsInitParameters) { + *out = *in + if in.ExcludedApplications != nil { + in, out := &in.ExcludedApplications, &out.ExcludedApplications + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.IncludedApplications != nil { + in, out := &in.IncludedApplications, &out.IncludedApplications + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.IncludedUserActions != nil { + in, out := &in.IncludedUserActions, &out.IncludedUserActions + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ApplicationsInitParameters. +func (in *ApplicationsInitParameters) DeepCopy() *ApplicationsInitParameters { + if in == nil { + return nil + } + out := new(ApplicationsInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ApplicationsObservation) DeepCopyInto(out *ApplicationsObservation) { *out = *in @@ -299,6 +394,89 @@ func (in *ApplicationsParameters) DeepCopy() *ApplicationsParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ConditionsInitParameters) DeepCopyInto(out *ConditionsInitParameters) { + *out = *in + if in.Applications != nil { + in, out := &in.Applications, &out.Applications + *out = make([]ApplicationsInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.ClientAppTypes != nil { + in, out := &in.ClientAppTypes, &out.ClientAppTypes + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Devices != nil { + in, out := &in.Devices, &out.Devices + *out = make([]DevicesInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Locations != nil { + in, out := &in.Locations, &out.Locations + *out = make([]LocationsInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Platforms != nil { + in, out := &in.Platforms, &out.Platforms + *out = make([]PlatformsInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.SignInRiskLevels != nil { + in, out := &in.SignInRiskLevels, &out.SignInRiskLevels + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.UserRiskLevels != nil { + in, out := &in.UserRiskLevels, &out.UserRiskLevels + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Users != nil { + in, out := &in.Users, &out.Users + *out = make([]UsersInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConditionsInitParameters. +func (in *ConditionsInitParameters) DeepCopy() *ConditionsInitParameters { + if in == nil { + return nil + } + out := new(ConditionsInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ConditionsObservation) DeepCopyInto(out *ConditionsObservation) { *out = *in @@ -465,6 +643,37 @@ func (in *ConditionsParameters) DeepCopy() *ConditionsParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CountryInitParameters) DeepCopyInto(out *CountryInitParameters) { + *out = *in + if in.CountriesAndRegions != nil { + in, out := &in.CountriesAndRegions, &out.CountriesAndRegions + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.IncludeUnknownCountriesAndRegions != nil { + in, out := &in.IncludeUnknownCountriesAndRegions, &out.IncludeUnknownCountriesAndRegions + *out = new(bool) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CountryInitParameters. +func (in *CountryInitParameters) DeepCopy() *CountryInitParameters { + if in == nil { + return nil + } + out := new(CountryInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *CountryObservation) DeepCopyInto(out *CountryObservation) { *out = *in @@ -527,6 +736,28 @@ func (in *CountryParameters) DeepCopy() *CountryParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *DevicesInitParameters) DeepCopyInto(out *DevicesInitParameters) { + *out = *in + if in.Filter != nil { + in, out := &in.Filter, &out.Filter + *out = make([]FilterInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DevicesInitParameters. +func (in *DevicesInitParameters) DeepCopy() *DevicesInitParameters { + if in == nil { + return nil + } + out := new(DevicesInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *DevicesObservation) DeepCopyInto(out *DevicesObservation) { *out = *in @@ -571,6 +802,31 @@ func (in *DevicesParameters) DeepCopy() *DevicesParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *FilterInitParameters) DeepCopyInto(out *FilterInitParameters) { + *out = *in + if in.Mode != nil { + in, out := &in.Mode, &out.Mode + *out = new(string) + **out = **in + } + if in.Rule != nil { + in, out := &in.Rule, &out.Rule + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FilterInitParameters. +func (in *FilterInitParameters) DeepCopy() *FilterInitParameters { + if in == nil { + return nil + } + out := new(FilterInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *FilterObservation) DeepCopyInto(out *FilterObservation) { *out = *in @@ -621,6 +877,59 @@ func (in *FilterParameters) DeepCopy() *FilterParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *GrantControlsInitParameters) DeepCopyInto(out *GrantControlsInitParameters) { + *out = *in + if in.BuiltInControls != nil { + in, out := &in.BuiltInControls, &out.BuiltInControls + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.CustomAuthenticationFactors != nil { + in, out := &in.CustomAuthenticationFactors, &out.CustomAuthenticationFactors + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Operator != nil { + in, out := &in.Operator, &out.Operator + *out = new(string) + **out = **in + } + if in.TermsOfUse != nil { + in, out := &in.TermsOfUse, &out.TermsOfUse + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GrantControlsInitParameters. +func (in *GrantControlsInitParameters) DeepCopy() *GrantControlsInitParameters { + if in == nil { + return nil + } + out := new(GrantControlsInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *GrantControlsObservation) DeepCopyInto(out *GrantControlsObservation) { *out = *in @@ -727,6 +1036,37 @@ func (in *GrantControlsParameters) DeepCopy() *GrantControlsParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IPInitParameters) DeepCopyInto(out *IPInitParameters) { + *out = *in + if in.IPRanges != nil { + in, out := &in.IPRanges, &out.IPRanges + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Trusted != nil { + in, out := &in.Trusted, &out.Trusted + *out = new(bool) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IPInitParameters. +func (in *IPInitParameters) DeepCopy() *IPInitParameters { + if in == nil { + return nil + } + out := new(IPInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *IPObservation) DeepCopyInto(out *IPObservation) { *out = *in @@ -816,6 +1156,40 @@ func (in *Location) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *LocationInitParameters) DeepCopyInto(out *LocationInitParameters) { + *out = *in + if in.Country != nil { + in, out := &in.Country, &out.Country + *out = make([]CountryInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.DisplayName != nil { + in, out := &in.DisplayName, &out.DisplayName + *out = new(string) + **out = **in + } + if in.IP != nil { + in, out := &in.IP, &out.IP + *out = make([]IPInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LocationInitParameters. +func (in *LocationInitParameters) DeepCopy() *LocationInitParameters { + if in == nil { + return nil + } + out := new(LocationInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *LocationList) DeepCopyInto(out *LocationList) { *out = *in @@ -926,6 +1300,7 @@ func (in *LocationSpec) DeepCopyInto(out *LocationSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LocationSpec. @@ -955,6 +1330,43 @@ func (in *LocationStatus) DeepCopy() *LocationStatus { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *LocationsInitParameters) DeepCopyInto(out *LocationsInitParameters) { + *out = *in + if in.ExcludedLocations != nil { + in, out := &in.ExcludedLocations, &out.ExcludedLocations + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.IncludedLocations != nil { + in, out := &in.IncludedLocations, &out.IncludedLocations + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LocationsInitParameters. +func (in *LocationsInitParameters) DeepCopy() *LocationsInitParameters { + if in == nil { + return nil + } + out := new(LocationsInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *LocationsObservation) DeepCopyInto(out *LocationsObservation) { *out = *in @@ -1029,6 +1441,43 @@ func (in *LocationsParameters) DeepCopy() *LocationsParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PlatformsInitParameters) DeepCopyInto(out *PlatformsInitParameters) { + *out = *in + if in.ExcludedPlatforms != nil { + in, out := &in.ExcludedPlatforms, &out.ExcludedPlatforms + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.IncludedPlatforms != nil { + in, out := &in.IncludedPlatforms, &out.IncludedPlatforms + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PlatformsInitParameters. +func (in *PlatformsInitParameters) DeepCopy() *PlatformsInitParameters { + if in == nil { + return nil + } + out := new(PlatformsInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *PlatformsObservation) DeepCopyInto(out *PlatformsObservation) { *out = *in @@ -1103,6 +1552,46 @@ func (in *PlatformsParameters) DeepCopy() *PlatformsParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SessionControlsInitParameters) DeepCopyInto(out *SessionControlsInitParameters) { + *out = *in + if in.ApplicationEnforcedRestrictionsEnabled != nil { + in, out := &in.ApplicationEnforcedRestrictionsEnabled, &out.ApplicationEnforcedRestrictionsEnabled + *out = new(bool) + **out = **in + } + if in.CloudAppSecurityPolicy != nil { + in, out := &in.CloudAppSecurityPolicy, &out.CloudAppSecurityPolicy + *out = new(string) + **out = **in + } + if in.PersistentBrowserMode != nil { + in, out := &in.PersistentBrowserMode, &out.PersistentBrowserMode + *out = new(string) + **out = **in + } + if in.SignInFrequency != nil { + in, out := &in.SignInFrequency, &out.SignInFrequency + *out = new(float64) + **out = **in + } + if in.SignInFrequencyPeriod != nil { + in, out := &in.SignInFrequencyPeriod, &out.SignInFrequencyPeriod + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SessionControlsInitParameters. +func (in *SessionControlsInitParameters) DeepCopy() *SessionControlsInitParameters { + if in == nil { + return nil + } + out := new(SessionControlsInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *SessionControlsObservation) DeepCopyInto(out *SessionControlsObservation) { *out = *in @@ -1183,6 +1672,87 @@ func (in *SessionControlsParameters) DeepCopy() *SessionControlsParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *UsersInitParameters) DeepCopyInto(out *UsersInitParameters) { + *out = *in + if in.ExcludedGroups != nil { + in, out := &in.ExcludedGroups, &out.ExcludedGroups + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.ExcludedRoles != nil { + in, out := &in.ExcludedRoles, &out.ExcludedRoles + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.ExcludedUsers != nil { + in, out := &in.ExcludedUsers, &out.ExcludedUsers + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.IncludedGroups != nil { + in, out := &in.IncludedGroups, &out.IncludedGroups + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.IncludedRoles != nil { + in, out := &in.IncludedRoles, &out.IncludedRoles + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.IncludedUsers != nil { + in, out := &in.IncludedUsers, &out.IncludedUsers + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UsersInitParameters. +func (in *UsersInitParameters) DeepCopy() *UsersInitParameters { + if in == nil { + return nil + } + out := new(UsersInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *UsersObservation) DeepCopyInto(out *UsersObservation) { *out = *in diff --git a/apis/conditionalaccess/v1beta1/zz_generated.managed.go b/apis/conditionalaccess/v1beta1/zz_generated.managed.go index ecb31e3c..a6cb58be 100644 --- a/apis/conditionalaccess/v1beta1/zz_generated.managed.go +++ b/apis/conditionalaccess/v1beta1/zz_generated.managed.go @@ -17,9 +17,9 @@ func (mg *AccessPolicy) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } -// GetManagementPolicy of this AccessPolicy. -func (mg *AccessPolicy) GetManagementPolicy() xpv1.ManagementPolicy { - return mg.Spec.ManagementPolicy +// GetManagementPolicies of this AccessPolicy. +func (mg *AccessPolicy) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies } // GetProviderConfigReference of this AccessPolicy. @@ -55,9 +55,9 @@ func (mg *AccessPolicy) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } -// SetManagementPolicy of this AccessPolicy. -func (mg *AccessPolicy) SetManagementPolicy(r xpv1.ManagementPolicy) { - mg.Spec.ManagementPolicy = r +// SetManagementPolicies of this AccessPolicy. +func (mg *AccessPolicy) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r } // SetProviderConfigReference of this AccessPolicy. @@ -93,9 +93,9 @@ func (mg *Location) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } -// GetManagementPolicy of this Location. -func (mg *Location) GetManagementPolicy() xpv1.ManagementPolicy { - return mg.Spec.ManagementPolicy +// GetManagementPolicies of this Location. +func (mg *Location) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies } // GetProviderConfigReference of this Location. @@ -131,9 +131,9 @@ func (mg *Location) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } -// SetManagementPolicy of this Location. -func (mg *Location) SetManagementPolicy(r xpv1.ManagementPolicy) { - mg.Spec.ManagementPolicy = r +// SetManagementPolicies of this Location. +func (mg *Location) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r } // SetProviderConfigReference of this Location. diff --git a/apis/conditionalaccess/v1beta1/zz_generated_terraformed.go b/apis/conditionalaccess/v1beta1/zz_generated_terraformed.go index 00a608c3..e0458bd9 100755 --- a/apis/conditionalaccess/v1beta1/zz_generated_terraformed.go +++ b/apis/conditionalaccess/v1beta1/zz_generated_terraformed.go @@ -69,6 +69,16 @@ func (tr *AccessPolicy) SetParameters(params map[string]any) error { return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) } +// GetInitParameters of this AccessPolicy +func (tr *AccessPolicy) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + // LateInitialize this AccessPolicy using its observed tfState. // returns True if there are any spec changes for the resource. func (tr *AccessPolicy) LateInitialize(attrs []byte) (bool, error) { @@ -143,6 +153,16 @@ func (tr *Location) SetParameters(params map[string]any) error { return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) } +// GetInitParameters of this Location +func (tr *Location) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + // LateInitialize this Location using its observed tfState. // returns True if there are any spec changes for the resource. func (tr *Location) LateInitialize(attrs []byte) (bool, error) { diff --git a/apis/conditionalaccess/v1beta1/zz_location_types.go b/apis/conditionalaccess/v1beta1/zz_location_types.go index 555aa20e..29a3ce84 100755 --- a/apis/conditionalaccess/v1beta1/zz_location_types.go +++ b/apis/conditionalaccess/v1beta1/zz_location_types.go @@ -13,6 +13,15 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type CountryInitParameters struct { + + // List of countries and/or regions in two-letter format specified by ISO 3166-2. + CountriesAndRegions []*string `json:"countriesAndRegions,omitempty" tf:"countries_and_regions,omitempty"` + + // Whether IP addresses that don't map to a country or region should be included in the named location. Defaults to false. + IncludeUnknownCountriesAndRegions *bool `json:"includeUnknownCountriesAndRegions,omitempty" tf:"include_unknown_countries_and_regions,omitempty"` +} + type CountryObservation struct { // List of countries and/or regions in two-letter format specified by ISO 3166-2. @@ -25,14 +34,23 @@ type CountryObservation struct { type CountryParameters struct { // List of countries and/or regions in two-letter format specified by ISO 3166-2. - // +kubebuilder:validation:Required - CountriesAndRegions []*string `json:"countriesAndRegions" tf:"countries_and_regions,omitempty"` + // +kubebuilder:validation:Optional + CountriesAndRegions []*string `json:"countriesAndRegions,omitempty" tf:"countries_and_regions,omitempty"` // Whether IP addresses that don't map to a country or region should be included in the named location. Defaults to false. // +kubebuilder:validation:Optional IncludeUnknownCountriesAndRegions *bool `json:"includeUnknownCountriesAndRegions,omitempty" tf:"include_unknown_countries_and_regions,omitempty"` } +type IPInitParameters struct { + + // List of IP address ranges in IPv4 CIDR format (e.g. 1.2.3.4/32) or any allowable IPv6 format from IETF RFC596. + IPRanges []*string `json:"ipRanges,omitempty" tf:"ip_ranges,omitempty"` + + // Whether the named location is trusted. Defaults to false. + Trusted *bool `json:"trusted,omitempty" tf:"trusted,omitempty"` +} + type IPObservation struct { // List of IP address ranges in IPv4 CIDR format (e.g. 1.2.3.4/32) or any allowable IPv6 format from IETF RFC596. @@ -45,14 +63,26 @@ type IPObservation struct { type IPParameters struct { // List of IP address ranges in IPv4 CIDR format (e.g. 1.2.3.4/32) or any allowable IPv6 format from IETF RFC596. - // +kubebuilder:validation:Required - IPRanges []*string `json:"ipRanges" tf:"ip_ranges,omitempty"` + // +kubebuilder:validation:Optional + IPRanges []*string `json:"ipRanges,omitempty" tf:"ip_ranges,omitempty"` // Whether the named location is trusted. Defaults to false. // +kubebuilder:validation:Optional Trusted *bool `json:"trusted,omitempty" tf:"trusted,omitempty"` } +type LocationInitParameters struct { + + // A country block as documented below, which configures a country-based named location. + Country []CountryInitParameters `json:"country,omitempty" tf:"country,omitempty"` + + // The friendly name for this named location. + DisplayName *string `json:"displayName,omitempty" tf:"display_name,omitempty"` + + // An ip block as documented below, which configures an IP-based named location. + IP []IPInitParameters `json:"ip,omitempty" tf:"ip,omitempty"` +} + type LocationObservation struct { // A country block as documented below, which configures a country-based named location. @@ -87,6 +117,18 @@ type LocationParameters struct { type LocationSpec struct { v1.ResourceSpec `json:",inline"` ForProvider LocationParameters `json:"forProvider"` + // THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored + // unless the relevant Crossplane feature flag is enabled, and may be + // changed or removed without notice. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider LocationInitParameters `json:"initProvider,omitempty"` } // LocationStatus defines the observed state of Location. @@ -107,7 +149,7 @@ type LocationStatus struct { type Location struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - // +kubebuilder:validation:XValidation:rule="self.managementPolicy == 'ObserveOnly' || has(self.forProvider.displayName)",message="displayName is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.displayName) || has(self.initProvider.displayName)",message="displayName is a required parameter" Spec LocationSpec `json:"spec"` Status LocationStatus `json:"status,omitempty"` } diff --git a/apis/directoryroles/v1beta1/zz_customdirectoryrole_types.go b/apis/directoryroles/v1beta1/zz_customdirectoryrole_types.go index 360f898b..4f1372fa 100755 --- a/apis/directoryroles/v1beta1/zz_customdirectoryrole_types.go +++ b/apis/directoryroles/v1beta1/zz_customdirectoryrole_types.go @@ -13,6 +13,33 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type CustomDirectoryRoleInitParameters struct { + + // The description of the custom directory role. + // The description of the custom directory role + Description *string `json:"description,omitempty" tf:"description,omitempty"` + + // The display name of the custom directory role. + // The display name of the custom directory role + DisplayName *string `json:"displayName,omitempty" tf:"display_name,omitempty"` + + // Indicates whether the role is enabled for assignment. + // Indicates whether the role is enabled for assignment + Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + + // A collection of permissions blocks as documented below. + // List of permissions that are included in the custom directory role + Permissions []PermissionsInitParameters `json:"permissions,omitempty" tf:"permissions,omitempty"` + + // Custom template identifier that is typically used if one needs an identifier to be the same across different directories. Changing this forces a new resource to be created. + // Custom template identifier that is typically used if one needs an identifier to be the same across different directories. + TemplateID *string `json:"templateId,omitempty" tf:"template_id,omitempty"` + + // - The version of the role definition. This can be any arbitrary string between 1-128 characters. + // The version of the role definition. + Version *string `json:"version,omitempty" tf:"version,omitempty"` +} + type CustomDirectoryRoleObservation struct { // The description of the custom directory role. @@ -79,6 +106,13 @@ type CustomDirectoryRoleParameters struct { Version *string `json:"version,omitempty" tf:"version,omitempty"` } +type PermissionsInitParameters struct { + + // A set of tasks that can be performed on a resource. For more information, see the Permissions Reference documentation. + // Set of tasks that can be performed on a resource + AllowedResourceActions []*string `json:"allowedResourceActions,omitempty" tf:"allowed_resource_actions,omitempty"` +} + type PermissionsObservation struct { // A set of tasks that can be performed on a resource. For more information, see the Permissions Reference documentation. @@ -90,14 +124,26 @@ type PermissionsParameters struct { // A set of tasks that can be performed on a resource. For more information, see the Permissions Reference documentation. // Set of tasks that can be performed on a resource - // +kubebuilder:validation:Required - AllowedResourceActions []*string `json:"allowedResourceActions" tf:"allowed_resource_actions,omitempty"` + // +kubebuilder:validation:Optional + AllowedResourceActions []*string `json:"allowedResourceActions,omitempty" tf:"allowed_resource_actions,omitempty"` } // CustomDirectoryRoleSpec defines the desired state of CustomDirectoryRole type CustomDirectoryRoleSpec struct { v1.ResourceSpec `json:",inline"` ForProvider CustomDirectoryRoleParameters `json:"forProvider"` + // THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored + // unless the relevant Crossplane feature flag is enabled, and may be + // changed or removed without notice. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider CustomDirectoryRoleInitParameters `json:"initProvider,omitempty"` } // CustomDirectoryRoleStatus defines the observed state of CustomDirectoryRole. @@ -118,10 +164,10 @@ type CustomDirectoryRoleStatus struct { type CustomDirectoryRole struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - // +kubebuilder:validation:XValidation:rule="self.managementPolicy == 'ObserveOnly' || has(self.forProvider.displayName)",message="displayName is a required parameter" - // +kubebuilder:validation:XValidation:rule="self.managementPolicy == 'ObserveOnly' || has(self.forProvider.enabled)",message="enabled is a required parameter" - // +kubebuilder:validation:XValidation:rule="self.managementPolicy == 'ObserveOnly' || has(self.forProvider.permissions)",message="permissions is a required parameter" - // +kubebuilder:validation:XValidation:rule="self.managementPolicy == 'ObserveOnly' || has(self.forProvider.version)",message="version is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.displayName) || has(self.initProvider.displayName)",message="displayName is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.enabled) || has(self.initProvider.enabled)",message="enabled is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.permissions) || has(self.initProvider.permissions)",message="permissions is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.version) || has(self.initProvider.version)",message="version is a required parameter" Spec CustomDirectoryRoleSpec `json:"spec"` Status CustomDirectoryRoleStatus `json:"status,omitempty"` } diff --git a/apis/directoryroles/v1beta1/zz_generated.deepcopy.go b/apis/directoryroles/v1beta1/zz_generated.deepcopy.go index 2cbd21b6..137703af 100644 --- a/apis/directoryroles/v1beta1/zz_generated.deepcopy.go +++ b/apis/directoryroles/v1beta1/zz_generated.deepcopy.go @@ -41,6 +41,53 @@ func (in *CustomDirectoryRole) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CustomDirectoryRoleInitParameters) DeepCopyInto(out *CustomDirectoryRoleInitParameters) { + *out = *in + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } + if in.DisplayName != nil { + in, out := &in.DisplayName, &out.DisplayName + *out = new(string) + **out = **in + } + if in.Enabled != nil { + in, out := &in.Enabled, &out.Enabled + *out = new(bool) + **out = **in + } + if in.Permissions != nil { + in, out := &in.Permissions, &out.Permissions + *out = make([]PermissionsInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.TemplateID != nil { + in, out := &in.TemplateID, &out.TemplateID + *out = new(string) + **out = **in + } + if in.Version != nil { + in, out := &in.Version, &out.Version + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CustomDirectoryRoleInitParameters. +func (in *CustomDirectoryRoleInitParameters) DeepCopy() *CustomDirectoryRoleInitParameters { + if in == nil { + return nil + } + out := new(CustomDirectoryRoleInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *CustomDirectoryRoleList) DeepCopyInto(out *CustomDirectoryRoleList) { *out = *in @@ -182,6 +229,7 @@ func (in *CustomDirectoryRoleSpec) DeepCopyInto(out *CustomDirectoryRoleSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CustomDirectoryRoleSpec. @@ -211,6 +259,32 @@ func (in *CustomDirectoryRoleStatus) DeepCopy() *CustomDirectoryRoleStatus { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PermissionsInitParameters) DeepCopyInto(out *PermissionsInitParameters) { + *out = *in + if in.AllowedResourceActions != nil { + in, out := &in.AllowedResourceActions, &out.AllowedResourceActions + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PermissionsInitParameters. +func (in *PermissionsInitParameters) DeepCopy() *PermissionsInitParameters { + if in == nil { + return nil + } + out := new(PermissionsInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *PermissionsObservation) DeepCopyInto(out *PermissionsObservation) { *out = *in @@ -317,6 +391,41 @@ func (in *RoleAssignment) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RoleAssignmentInitParameters) DeepCopyInto(out *RoleAssignmentInitParameters) { + *out = *in + if in.AppScopeID != nil { + in, out := &in.AppScopeID, &out.AppScopeID + *out = new(string) + **out = **in + } + if in.AppScopeObjectID != nil { + in, out := &in.AppScopeObjectID, &out.AppScopeObjectID + *out = new(string) + **out = **in + } + if in.DirectoryScopeID != nil { + in, out := &in.DirectoryScopeID, &out.DirectoryScopeID + *out = new(string) + **out = **in + } + if in.DirectoryScopeObjectID != nil { + in, out := &in.DirectoryScopeObjectID, &out.DirectoryScopeObjectID + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RoleAssignmentInitParameters. +func (in *RoleAssignmentInitParameters) DeepCopy() *RoleAssignmentInitParameters { + if in == nil { + return nil + } + out := new(RoleAssignmentInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *RoleAssignmentList) DeepCopyInto(out *RoleAssignmentList) { *out = *in @@ -469,6 +578,7 @@ func (in *RoleAssignmentSpec) DeepCopyInto(out *RoleAssignmentSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RoleAssignmentSpec. @@ -498,6 +608,26 @@ func (in *RoleAssignmentStatus) DeepCopy() *RoleAssignmentStatus { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RoleInitParameters) DeepCopyInto(out *RoleInitParameters) { + *out = *in + if in.DisplayName != nil { + in, out := &in.DisplayName, &out.DisplayName + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RoleInitParameters. +func (in *RoleInitParameters) DeepCopy() *RoleInitParameters { + if in == nil { + return nil + } + out := new(RoleInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *RoleList) DeepCopyInto(out *RoleList) { *out = *in @@ -595,6 +725,7 @@ func (in *RoleSpec) DeepCopyInto(out *RoleSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RoleSpec. diff --git a/apis/directoryroles/v1beta1/zz_generated.managed.go b/apis/directoryroles/v1beta1/zz_generated.managed.go index 5dd980cb..35884d0a 100644 --- a/apis/directoryroles/v1beta1/zz_generated.managed.go +++ b/apis/directoryroles/v1beta1/zz_generated.managed.go @@ -17,9 +17,9 @@ func (mg *CustomDirectoryRole) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } -// GetManagementPolicy of this CustomDirectoryRole. -func (mg *CustomDirectoryRole) GetManagementPolicy() xpv1.ManagementPolicy { - return mg.Spec.ManagementPolicy +// GetManagementPolicies of this CustomDirectoryRole. +func (mg *CustomDirectoryRole) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies } // GetProviderConfigReference of this CustomDirectoryRole. @@ -55,9 +55,9 @@ func (mg *CustomDirectoryRole) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } -// SetManagementPolicy of this CustomDirectoryRole. -func (mg *CustomDirectoryRole) SetManagementPolicy(r xpv1.ManagementPolicy) { - mg.Spec.ManagementPolicy = r +// SetManagementPolicies of this CustomDirectoryRole. +func (mg *CustomDirectoryRole) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r } // SetProviderConfigReference of this CustomDirectoryRole. @@ -93,9 +93,9 @@ func (mg *Role) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } -// GetManagementPolicy of this Role. -func (mg *Role) GetManagementPolicy() xpv1.ManagementPolicy { - return mg.Spec.ManagementPolicy +// GetManagementPolicies of this Role. +func (mg *Role) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies } // GetProviderConfigReference of this Role. @@ -131,9 +131,9 @@ func (mg *Role) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } -// SetManagementPolicy of this Role. -func (mg *Role) SetManagementPolicy(r xpv1.ManagementPolicy) { - mg.Spec.ManagementPolicy = r +// SetManagementPolicies of this Role. +func (mg *Role) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r } // SetProviderConfigReference of this Role. @@ -169,9 +169,9 @@ func (mg *RoleAssignment) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } -// GetManagementPolicy of this RoleAssignment. -func (mg *RoleAssignment) GetManagementPolicy() xpv1.ManagementPolicy { - return mg.Spec.ManagementPolicy +// GetManagementPolicies of this RoleAssignment. +func (mg *RoleAssignment) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies } // GetProviderConfigReference of this RoleAssignment. @@ -207,9 +207,9 @@ func (mg *RoleAssignment) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } -// SetManagementPolicy of this RoleAssignment. -func (mg *RoleAssignment) SetManagementPolicy(r xpv1.ManagementPolicy) { - mg.Spec.ManagementPolicy = r +// SetManagementPolicies of this RoleAssignment. +func (mg *RoleAssignment) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r } // SetProviderConfigReference of this RoleAssignment. diff --git a/apis/directoryroles/v1beta1/zz_generated_terraformed.go b/apis/directoryroles/v1beta1/zz_generated_terraformed.go index d5e5d944..0748027f 100755 --- a/apis/directoryroles/v1beta1/zz_generated_terraformed.go +++ b/apis/directoryroles/v1beta1/zz_generated_terraformed.go @@ -69,6 +69,16 @@ func (tr *CustomDirectoryRole) SetParameters(params map[string]any) error { return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) } +// GetInitParameters of this CustomDirectoryRole +func (tr *CustomDirectoryRole) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + // LateInitialize this CustomDirectoryRole using its observed tfState. // returns True if there are any spec changes for the resource. func (tr *CustomDirectoryRole) LateInitialize(attrs []byte) (bool, error) { @@ -143,6 +153,16 @@ func (tr *Role) SetParameters(params map[string]any) error { return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) } +// GetInitParameters of this Role +func (tr *Role) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + // LateInitialize this Role using its observed tfState. // returns True if there are any spec changes for the resource. func (tr *Role) LateInitialize(attrs []byte) (bool, error) { @@ -217,6 +237,16 @@ func (tr *RoleAssignment) SetParameters(params map[string]any) error { return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) } +// GetInitParameters of this RoleAssignment +func (tr *RoleAssignment) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + // LateInitialize this RoleAssignment using its observed tfState. // returns True if there are any spec changes for the resource. func (tr *RoleAssignment) LateInitialize(attrs []byte) (bool, error) { diff --git a/apis/directoryroles/v1beta1/zz_role_types.go b/apis/directoryroles/v1beta1/zz_role_types.go index d942cbfa..9e81453c 100755 --- a/apis/directoryroles/v1beta1/zz_role_types.go +++ b/apis/directoryroles/v1beta1/zz_role_types.go @@ -13,6 +13,13 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type RoleInitParameters struct { + + // The display name of the directory role to activate. Changing this forces a new resource to be created. + // The display name of the directory role + DisplayName *string `json:"displayName,omitempty" tf:"display_name,omitempty"` +} + type RoleObservation struct { // The description of the directory role. @@ -46,6 +53,18 @@ type RoleParameters struct { type RoleSpec struct { v1.ResourceSpec `json:",inline"` ForProvider RoleParameters `json:"forProvider"` + // THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored + // unless the relevant Crossplane feature flag is enabled, and may be + // changed or removed without notice. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider RoleInitParameters `json:"initProvider,omitempty"` } // RoleStatus defines the observed state of Role. diff --git a/apis/directoryroles/v1beta1/zz_roleassignment_types.go b/apis/directoryroles/v1beta1/zz_roleassignment_types.go index bed4baad..2d0518da 100755 --- a/apis/directoryroles/v1beta1/zz_roleassignment_types.go +++ b/apis/directoryroles/v1beta1/zz_roleassignment_types.go @@ -13,6 +13,23 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type RoleAssignmentInitParameters struct { + + // Identifier of the app-specific scope when the assignment scope is app-specific. Cannot be used with directory_scope_id. See official documentation for example usage. Changing this forces a new resource to be created. + // Identifier of the app-specific scope when the assignment scope is app-specific + AppScopeID *string `json:"appScopeId,omitempty" tf:"app_scope_id,omitempty"` + + // Identifier of the app-specific scope when the assignment scope is app-specific + AppScopeObjectID *string `json:"appScopeObjectId,omitempty" tf:"app_scope_object_id,omitempty"` + + // Identifier of the directory object representing the scope of the assignment. Cannot be used with app_scope_id. See official documentation for example usage. Changing this forces a new resource to be created. + // Identifier of the directory object representing the scope of the assignment + DirectoryScopeID *string `json:"directoryScopeId,omitempty" tf:"directory_scope_id,omitempty"` + + // Identifier of the directory object representing the scope of the assignment + DirectoryScopeObjectID *string `json:"directoryScopeObjectId,omitempty" tf:"directory_scope_object_id,omitempty"` +} + type RoleAssignmentObservation struct { // Identifier of the app-specific scope when the assignment scope is app-specific. Cannot be used with directory_scope_id. See official documentation for example usage. Changing this forces a new resource to be created. @@ -94,6 +111,18 @@ type RoleAssignmentParameters struct { type RoleAssignmentSpec struct { v1.ResourceSpec `json:",inline"` ForProvider RoleAssignmentParameters `json:"forProvider"` + // THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored + // unless the relevant Crossplane feature flag is enabled, and may be + // changed or removed without notice. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider RoleAssignmentInitParameters `json:"initProvider,omitempty"` } // RoleAssignmentStatus defines the observed state of RoleAssignment. diff --git a/apis/groups/v1beta1/zz_generated.deepcopy.go b/apis/groups/v1beta1/zz_generated.deepcopy.go index 67ab1903..66502abc 100644 --- a/apis/groups/v1beta1/zz_generated.deepcopy.go +++ b/apis/groups/v1beta1/zz_generated.deepcopy.go @@ -14,6 +14,31 @@ import ( runtime "k8s.io/apimachinery/pkg/runtime" ) +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *DynamicMembershipInitParameters) DeepCopyInto(out *DynamicMembershipInitParameters) { + *out = *in + if in.Enabled != nil { + in, out := &in.Enabled, &out.Enabled + *out = new(bool) + **out = **in + } + if in.Rule != nil { + in, out := &in.Rule, &out.Rule + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DynamicMembershipInitParameters. +func (in *DynamicMembershipInitParameters) DeepCopy() *DynamicMembershipInitParameters { + if in == nil { + return nil + } + out := new(DynamicMembershipInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *DynamicMembershipObservation) DeepCopyInto(out *DynamicMembershipObservation) { *out = *in @@ -91,6 +116,169 @@ func (in *Group) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *GroupInitParameters) DeepCopyInto(out *GroupInitParameters) { + *out = *in + if in.AdministrativeUnitIds != nil { + in, out := &in.AdministrativeUnitIds, &out.AdministrativeUnitIds + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.AssignableToRole != nil { + in, out := &in.AssignableToRole, &out.AssignableToRole + *out = new(bool) + **out = **in + } + if in.AutoSubscribeNewMembers != nil { + in, out := &in.AutoSubscribeNewMembers, &out.AutoSubscribeNewMembers + *out = new(bool) + **out = **in + } + if in.Behaviors != nil { + in, out := &in.Behaviors, &out.Behaviors + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } + if in.DisplayName != nil { + in, out := &in.DisplayName, &out.DisplayName + *out = new(string) + **out = **in + } + if in.DynamicMembership != nil { + in, out := &in.DynamicMembership, &out.DynamicMembership + *out = make([]DynamicMembershipInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.ExternalSendersAllowed != nil { + in, out := &in.ExternalSendersAllowed, &out.ExternalSendersAllowed + *out = new(bool) + **out = **in + } + if in.HideFromAddressLists != nil { + in, out := &in.HideFromAddressLists, &out.HideFromAddressLists + *out = new(bool) + **out = **in + } + if in.HideFromOutlookClients != nil { + in, out := &in.HideFromOutlookClients, &out.HideFromOutlookClients + *out = new(bool) + **out = **in + } + if in.MailEnabled != nil { + in, out := &in.MailEnabled, &out.MailEnabled + *out = new(bool) + **out = **in + } + if in.MailNickname != nil { + in, out := &in.MailNickname, &out.MailNickname + *out = new(string) + **out = **in + } + if in.Members != nil { + in, out := &in.Members, &out.Members + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.OnpremisesGroupType != nil { + in, out := &in.OnpremisesGroupType, &out.OnpremisesGroupType + *out = new(string) + **out = **in + } + if in.Owners != nil { + in, out := &in.Owners, &out.Owners + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.PreventDuplicateNames != nil { + in, out := &in.PreventDuplicateNames, &out.PreventDuplicateNames + *out = new(bool) + **out = **in + } + if in.ProvisioningOptions != nil { + in, out := &in.ProvisioningOptions, &out.ProvisioningOptions + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.SecurityEnabled != nil { + in, out := &in.SecurityEnabled, &out.SecurityEnabled + *out = new(bool) + **out = **in + } + if in.Theme != nil { + in, out := &in.Theme, &out.Theme + *out = new(string) + **out = **in + } + if in.Types != nil { + in, out := &in.Types, &out.Types + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Visibility != nil { + in, out := &in.Visibility, &out.Visibility + *out = new(string) + **out = **in + } + if in.WritebackEnabled != nil { + in, out := &in.WritebackEnabled, &out.WritebackEnabled + *out = new(bool) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GroupInitParameters. +func (in *GroupInitParameters) DeepCopy() *GroupInitParameters { + if in == nil { + return nil + } + out := new(GroupInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *GroupList) DeepCopyInto(out *GroupList) { *out = *in @@ -510,6 +698,7 @@ func (in *GroupSpec) DeepCopyInto(out *GroupSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GroupSpec. @@ -566,6 +755,21 @@ func (in *Member) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MemberInitParameters) DeepCopyInto(out *MemberInitParameters) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MemberInitParameters. +func (in *MemberInitParameters) DeepCopy() *MemberInitParameters { + if in == nil { + return nil + } + out := new(MemberInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *MemberList) DeepCopyInto(out *MemberList) { *out = *in @@ -678,6 +882,7 @@ func (in *MemberSpec) DeepCopyInto(out *MemberSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + out.InitProvider = in.InitProvider } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MemberSpec. diff --git a/apis/groups/v1beta1/zz_generated.managed.go b/apis/groups/v1beta1/zz_generated.managed.go index 3821e3dc..a262ca46 100644 --- a/apis/groups/v1beta1/zz_generated.managed.go +++ b/apis/groups/v1beta1/zz_generated.managed.go @@ -17,9 +17,9 @@ func (mg *Group) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } -// GetManagementPolicy of this Group. -func (mg *Group) GetManagementPolicy() xpv1.ManagementPolicy { - return mg.Spec.ManagementPolicy +// GetManagementPolicies of this Group. +func (mg *Group) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies } // GetProviderConfigReference of this Group. @@ -55,9 +55,9 @@ func (mg *Group) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } -// SetManagementPolicy of this Group. -func (mg *Group) SetManagementPolicy(r xpv1.ManagementPolicy) { - mg.Spec.ManagementPolicy = r +// SetManagementPolicies of this Group. +func (mg *Group) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r } // SetProviderConfigReference of this Group. @@ -93,9 +93,9 @@ func (mg *Member) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } -// GetManagementPolicy of this Member. -func (mg *Member) GetManagementPolicy() xpv1.ManagementPolicy { - return mg.Spec.ManagementPolicy +// GetManagementPolicies of this Member. +func (mg *Member) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies } // GetProviderConfigReference of this Member. @@ -131,9 +131,9 @@ func (mg *Member) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } -// SetManagementPolicy of this Member. -func (mg *Member) SetManagementPolicy(r xpv1.ManagementPolicy) { - mg.Spec.ManagementPolicy = r +// SetManagementPolicies of this Member. +func (mg *Member) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r } // SetProviderConfigReference of this Member. diff --git a/apis/groups/v1beta1/zz_generated_terraformed.go b/apis/groups/v1beta1/zz_generated_terraformed.go index 665e6779..0759e6e7 100755 --- a/apis/groups/v1beta1/zz_generated_terraformed.go +++ b/apis/groups/v1beta1/zz_generated_terraformed.go @@ -69,6 +69,16 @@ func (tr *Group) SetParameters(params map[string]any) error { return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) } +// GetInitParameters of this Group +func (tr *Group) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + // LateInitialize this Group using its observed tfState. // returns True if there are any spec changes for the resource. func (tr *Group) LateInitialize(attrs []byte) (bool, error) { @@ -143,6 +153,16 @@ func (tr *Member) SetParameters(params map[string]any) error { return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) } +// GetInitParameters of this Member +func (tr *Member) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + // LateInitialize this Member using its observed tfState. // returns True if there are any spec changes for the resource. func (tr *Member) LateInitialize(attrs []byte) (bool, error) { diff --git a/apis/groups/v1beta1/zz_group_types.go b/apis/groups/v1beta1/zz_group_types.go index 348f1a41..4f902f22 100755 --- a/apis/groups/v1beta1/zz_group_types.go +++ b/apis/groups/v1beta1/zz_group_types.go @@ -13,6 +13,16 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type DynamicMembershipInitParameters struct { + + // Whether rule processing is "On" (true) or "Paused" (false). + Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + + // The rule that determines membership of this group. For more information, see official documentation on membership rules syntax. + // Rule to determine members for a dynamic group. Required when `group_types` contains 'DynamicMembership' + Rule *string `json:"rule,omitempty" tf:"rule,omitempty"` +} + type DynamicMembershipObservation struct { // Whether rule processing is "On" (true) or "Paused" (false). @@ -26,13 +36,104 @@ type DynamicMembershipObservation struct { type DynamicMembershipParameters struct { // Whether rule processing is "On" (true) or "Paused" (false). - // +kubebuilder:validation:Required - Enabled *bool `json:"enabled" tf:"enabled,omitempty"` + // +kubebuilder:validation:Optional + Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` // The rule that determines membership of this group. For more information, see official documentation on membership rules syntax. // Rule to determine members for a dynamic group. Required when `group_types` contains 'DynamicMembership' - // +kubebuilder:validation:Required - Rule *string `json:"rule" tf:"rule,omitempty"` + // +kubebuilder:validation:Optional + Rule *string `json:"rule,omitempty" tf:"rule,omitempty"` +} + +type GroupInitParameters struct { + + // The object IDs of administrative units in which the group is a member. If specified, new groups will be created in the scope of the first administrative unit and added to the others. If empty, new groups will be created at the tenant level. + // The administrative unit IDs in which the group should be. If empty, the group will be created at the tenant level. + AdministrativeUnitIds []*string `json:"administrativeUnitIds,omitempty" tf:"administrative_unit_ids,omitempty"` + + // Indicates whether this group can be assigned to an Azure Active Directory role. Defaults to false. Can only be set to true for security-enabled groups. Changing this forces a new resource to be created. + // Indicates whether this group can be assigned to an Azure Active Directory role. This property can only be `true` for security-enabled groups. + AssignableToRole *bool `json:"assignableToRole,omitempty" tf:"assignable_to_role,omitempty"` + + // Indicates whether new members added to the group will be auto-subscribed to receive email notifications. Can only be set for Unified groups. + // Indicates whether new members added to the group will be auto-subscribed to receive email notifications. + AutoSubscribeNewMembers *bool `json:"autoSubscribeNewMembers,omitempty" tf:"auto_subscribe_new_members,omitempty"` + + // A set of behaviors for a Microsoft 365 group. Possible values are AllowOnlyMembersToPost, HideGroupInOutlook, SubscribeMembersToCalendarEventsDisabled, SubscribeNewGroupMembers and WelcomeEmailDisabled. See official documentation for more details. Changing this forces a new resource to be created. + // The group behaviours for a Microsoft 365 group + Behaviors []*string `json:"behaviors,omitempty" tf:"behaviors,omitempty"` + + // The description for the group. + // The description for the group + Description *string `json:"description,omitempty" tf:"description,omitempty"` + + // The display name for the group. + // The display name for the group + DisplayName *string `json:"displayName,omitempty" tf:"display_name,omitempty"` + + // A dynamic_membership block as documented below. Required when types contains DynamicMembership. Cannot be used with the members property. + // An optional block to configure dynamic membership for the group. Cannot be used with `members` + DynamicMembership []DynamicMembershipInitParameters `json:"dynamicMembership,omitempty" tf:"dynamic_membership,omitempty"` + + // Indicates whether people external to the organization can send messages to the group. Can only be set for Unified groups. + // Indicates whether people external to the organization can send messages to the group. + ExternalSendersAllowed *bool `json:"externalSendersAllowed,omitempty" tf:"external_senders_allowed,omitempty"` + + // Indicates whether the group is displayed in certain parts of the Outlook user interface: in the Address Book, in address lists for selecting message recipients, and in the Browse Groups dialog for searching groups. Can only be set for Unified groups. + // Indicates whether the group is displayed in certain parts of the Outlook user interface: in the Address Book, in address lists for selecting message recipients, and in the Browse Groups dialog for searching groups. + HideFromAddressLists *bool `json:"hideFromAddressLists,omitempty" tf:"hide_from_address_lists,omitempty"` + + // Indicates whether the group is displayed in Outlook clients, such as Outlook for Windows and Outlook on the web. Can only be set for Unified groups. + // Indicates whether the group is displayed in Outlook clients, such as Outlook for Windows and Outlook on the web. + HideFromOutlookClients *bool `json:"hideFromOutlookClients,omitempty" tf:"hide_from_outlook_clients,omitempty"` + + // Whether the group is a mail enabled, with a shared group mailbox. At least one of mail_enabled or security_enabled must be specified. Only Microsoft 365 groups can be mail enabled (see the types property). + // Whether the group is a mail enabled, with a shared group mailbox. At least one of `mail_enabled` or `security_enabled` must be specified. A group can be mail enabled _and_ security enabled + MailEnabled *bool `json:"mailEnabled,omitempty" tf:"mail_enabled,omitempty"` + + // The mail alias for the group, unique in the organisation. Required for mail-enabled groups. Changing this forces a new resource to be created. + // The mail alias for the group, unique in the organisation + MailNickname *string `json:"mailNickname,omitempty" tf:"mail_nickname,omitempty"` + + // A set of members who should be present in this group. Supported object types are Users, Groups or Service Principals. Cannot be used with the dynamic_membership block. + // A set of members who should be present in this group. Supported object types are Users, Groups or Service Principals + Members []*string `json:"members,omitempty" tf:"members,omitempty"` + + // The on-premises group type that the AAD group will be written as, when writeback is enabled. Possible values are UniversalDistributionGroup, UniversalMailEnabledSecurityGroup, or UniversalSecurityGroup. + // Indicates the target on-premise group type the group will be written back as + OnpremisesGroupType *string `json:"onpremisesGroupType,omitempty" tf:"onpremises_group_type,omitempty"` + + // A set of object IDs of principals that will be granted ownership of the group. Supported object types are users or service principals. Groups cannot be created with no owners or have all their owners removed. + // A set of owners who own this group. Supported object types are Users or Service Principals + Owners []*string `json:"owners,omitempty" tf:"owners,omitempty"` + + // If true, will return an error if an existing group is found with the same name. Defaults to false. + // If `true`, will return an error if an existing group is found with the same name + PreventDuplicateNames *bool `json:"preventDuplicateNames,omitempty" tf:"prevent_duplicate_names,omitempty"` + + // A set of provisioning options for a Microsoft 365 group. The only supported value is Team. See official documentation for details. Changing this forces a new resource to be created. + // The group provisioning options for a Microsoft 365 group + ProvisioningOptions []*string `json:"provisioningOptions,omitempty" tf:"provisioning_options,omitempty"` + + // Whether the group is a security group for controlling access to in-app resources. At least one of security_enabled or mail_enabled must be specified. A Microsoft 365 group can be security enabled and mail enabled (see the types property). + // Whether the group is a security group for controlling access to in-app resources. At least one of `security_enabled` or `mail_enabled` must be specified. A group can be security enabled _and_ mail enabled + SecurityEnabled *bool `json:"securityEnabled,omitempty" tf:"security_enabled,omitempty"` + + // The colour theme for a Microsoft 365 group. Possible values are Blue, Green, Orange, Pink, Purple, Red or Teal. By default, no theme is set. + // The colour theme for a Microsoft 365 group + Theme *string `json:"theme,omitempty" tf:"theme,omitempty"` + + // A set of group types to configure for the group. Supported values are DynamicMembership, which denotes a group with dynamic membership, and Unified, which specifies a Microsoft 365 group. Required when mail_enabled is true. Changing this forces a new resource to be created. + // A set of group types to configure for the group. `Unified` specifies a Microsoft 365 group. Required when `mail_enabled` is true + Types []*string `json:"types,omitempty" tf:"types,omitempty"` + + // The group join policy and group content visibility. Possible values are Private, Public, or Hiddenmembership. Only Microsoft 365 groups can have Hiddenmembership visibility and this value must be set when the group is created. By default, security groups will receive Private visibility and Microsoft 365 groups will receive Public visibility. + // Specifies the group join policy and group content visibility + Visibility *string `json:"visibility,omitempty" tf:"visibility,omitempty"` + + // Whether the group will be written back to the configured on-premises Active Directory when Azure AD Connect is used. + // Whether this group should be synced from Azure AD to the on-premises directory when Azure AD Connect is used + WritebackEnabled *bool `json:"writebackEnabled,omitempty" tf:"writeback_enabled,omitempty"` } type GroupObservation struct { @@ -281,6 +382,18 @@ type GroupParameters struct { type GroupSpec struct { v1.ResourceSpec `json:",inline"` ForProvider GroupParameters `json:"forProvider"` + // THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored + // unless the relevant Crossplane feature flag is enabled, and may be + // changed or removed without notice. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider GroupInitParameters `json:"initProvider,omitempty"` } // GroupStatus defines the observed state of Group. @@ -301,7 +414,7 @@ type GroupStatus struct { type Group struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - // +kubebuilder:validation:XValidation:rule="self.managementPolicy == 'ObserveOnly' || has(self.forProvider.displayName)",message="displayName is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.displayName) || has(self.initProvider.displayName)",message="displayName is a required parameter" Spec GroupSpec `json:"spec"` Status GroupStatus `json:"status,omitempty"` } diff --git a/apis/groups/v1beta1/zz_member_types.go b/apis/groups/v1beta1/zz_member_types.go index 65927d54..904a85b8 100755 --- a/apis/groups/v1beta1/zz_member_types.go +++ b/apis/groups/v1beta1/zz_member_types.go @@ -13,6 +13,9 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type MemberInitParameters struct { +} + type MemberObservation struct { // The object ID of the group you want to add the member to. Changing this forces a new resource to be created. @@ -61,6 +64,18 @@ type MemberParameters struct { type MemberSpec struct { v1.ResourceSpec `json:",inline"` ForProvider MemberParameters `json:"forProvider"` + // THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored + // unless the relevant Crossplane feature flag is enabled, and may be + // changed or removed without notice. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider MemberInitParameters `json:"initProvider,omitempty"` } // MemberStatus defines the observed state of Member. diff --git a/apis/invitations/v1beta1/zz_generated.deepcopy.go b/apis/invitations/v1beta1/zz_generated.deepcopy.go index cd4427a8..80523d8d 100644 --- a/apis/invitations/v1beta1/zz_generated.deepcopy.go +++ b/apis/invitations/v1beta1/zz_generated.deepcopy.go @@ -40,6 +40,48 @@ func (in *Invitation) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *InvitationInitParameters) DeepCopyInto(out *InvitationInitParameters) { + *out = *in + if in.Message != nil { + in, out := &in.Message, &out.Message + *out = make([]MessageInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.RedirectURL != nil { + in, out := &in.RedirectURL, &out.RedirectURL + *out = new(string) + **out = **in + } + if in.UserDisplayName != nil { + in, out := &in.UserDisplayName, &out.UserDisplayName + *out = new(string) + **out = **in + } + if in.UserEmailAddress != nil { + in, out := &in.UserEmailAddress, &out.UserEmailAddress + *out = new(string) + **out = **in + } + if in.UserType != nil { + in, out := &in.UserType, &out.UserType + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InvitationInitParameters. +func (in *InvitationInitParameters) DeepCopy() *InvitationInitParameters { + if in == nil { + return nil + } + out := new(InvitationInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *InvitationList) DeepCopyInto(out *InvitationList) { *out = *in @@ -176,6 +218,7 @@ func (in *InvitationSpec) DeepCopyInto(out *InvitationSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InvitationSpec. @@ -205,6 +248,42 @@ func (in *InvitationStatus) DeepCopy() *InvitationStatus { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MessageInitParameters) DeepCopyInto(out *MessageInitParameters) { + *out = *in + if in.AdditionalRecipients != nil { + in, out := &in.AdditionalRecipients, &out.AdditionalRecipients + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Body != nil { + in, out := &in.Body, &out.Body + *out = new(string) + **out = **in + } + if in.Language != nil { + in, out := &in.Language, &out.Language + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MessageInitParameters. +func (in *MessageInitParameters) DeepCopy() *MessageInitParameters { + if in == nil { + return nil + } + out := new(MessageInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *MessageObservation) DeepCopyInto(out *MessageObservation) { *out = *in diff --git a/apis/invitations/v1beta1/zz_generated.managed.go b/apis/invitations/v1beta1/zz_generated.managed.go index 1915a290..2b0baad2 100644 --- a/apis/invitations/v1beta1/zz_generated.managed.go +++ b/apis/invitations/v1beta1/zz_generated.managed.go @@ -17,9 +17,9 @@ func (mg *Invitation) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } -// GetManagementPolicy of this Invitation. -func (mg *Invitation) GetManagementPolicy() xpv1.ManagementPolicy { - return mg.Spec.ManagementPolicy +// GetManagementPolicies of this Invitation. +func (mg *Invitation) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies } // GetProviderConfigReference of this Invitation. @@ -55,9 +55,9 @@ func (mg *Invitation) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } -// SetManagementPolicy of this Invitation. -func (mg *Invitation) SetManagementPolicy(r xpv1.ManagementPolicy) { - mg.Spec.ManagementPolicy = r +// SetManagementPolicies of this Invitation. +func (mg *Invitation) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r } // SetProviderConfigReference of this Invitation. diff --git a/apis/invitations/v1beta1/zz_generated_terraformed.go b/apis/invitations/v1beta1/zz_generated_terraformed.go index 9b993ffd..3985069b 100755 --- a/apis/invitations/v1beta1/zz_generated_terraformed.go +++ b/apis/invitations/v1beta1/zz_generated_terraformed.go @@ -69,6 +69,16 @@ func (tr *Invitation) SetParameters(params map[string]any) error { return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) } +// GetInitParameters of this Invitation +func (tr *Invitation) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + // LateInitialize this Invitation using its observed tfState. // returns True if there are any spec changes for the resource. func (tr *Invitation) LateInitialize(attrs []byte) (bool, error) { diff --git a/apis/invitations/v1beta1/zz_invitation_types.go b/apis/invitations/v1beta1/zz_invitation_types.go index 29a67cc0..b9b797db 100755 --- a/apis/invitations/v1beta1/zz_invitation_types.go +++ b/apis/invitations/v1beta1/zz_invitation_types.go @@ -13,6 +13,29 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type InvitationInitParameters struct { + + // A message block as documented below, which configures the message being sent to the invited user. If this block is omitted, no message will be sent. + // Customize the message sent to the invited user + Message []MessageInitParameters `json:"message,omitempty" tf:"message,omitempty"` + + // The URL that the user should be redirected to once the invitation is redeemed. + // The URL that the user should be redirected to once the invitation is redeemed + RedirectURL *string `json:"redirectUrl,omitempty" tf:"redirect_url,omitempty"` + + // The display name of the user being invited. + // The display name of the user being invited + UserDisplayName *string `json:"userDisplayName,omitempty" tf:"user_display_name,omitempty"` + + // The email address of the user being invited. + // The email address of the user being invited + UserEmailAddress *string `json:"userEmailAddress,omitempty" tf:"user_email_address,omitempty"` + + // The user type of the user being invited. Must be one of Guest or Member. Only Global Administrators can invite users as members. Defaults to Guest. + // The user type of the user being invited + UserType *string `json:"userType,omitempty" tf:"user_type,omitempty"` +} + type InvitationObservation struct { ID *string `json:"id,omitempty" tf:"id,omitempty"` @@ -73,6 +96,21 @@ type InvitationParameters struct { UserType *string `json:"userType,omitempty" tf:"user_type,omitempty"` } +type MessageInitParameters struct { + + // Email addresses of additional recipients the invitation message should be sent to. Only 1 additional recipient is currently supported by Azure. + // Email addresses of additional recipients the invitation message should be sent to + AdditionalRecipients []*string `json:"additionalRecipients,omitempty" tf:"additional_recipients,omitempty"` + + // Customized message body you want to send if you don't want to send the default message. Cannot be specified with language. + // Customized message body you want to send if you don't want to send the default message + Body *string `json:"body,omitempty" tf:"body,omitempty"` + + // The language you want to send the default message in. The value specified must be in ISO 639 format. Defaults to en-US. Cannot be specified with body. + // The language you want to send the default message in + Language *string `json:"language,omitempty" tf:"language,omitempty"` +} + type MessageObservation struct { // Email addresses of additional recipients the invitation message should be sent to. Only 1 additional recipient is currently supported by Azure. @@ -110,6 +148,18 @@ type MessageParameters struct { type InvitationSpec struct { v1.ResourceSpec `json:",inline"` ForProvider InvitationParameters `json:"forProvider"` + // THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored + // unless the relevant Crossplane feature flag is enabled, and may be + // changed or removed without notice. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider InvitationInitParameters `json:"initProvider,omitempty"` } // InvitationStatus defines the observed state of Invitation. @@ -130,8 +180,8 @@ type InvitationStatus struct { type Invitation struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - // +kubebuilder:validation:XValidation:rule="self.managementPolicy == 'ObserveOnly' || has(self.forProvider.redirectUrl)",message="redirectUrl is a required parameter" - // +kubebuilder:validation:XValidation:rule="self.managementPolicy == 'ObserveOnly' || has(self.forProvider.userEmailAddress)",message="userEmailAddress is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.redirectUrl) || has(self.initProvider.redirectUrl)",message="redirectUrl is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.userEmailAddress) || has(self.initProvider.userEmailAddress)",message="userEmailAddress is a required parameter" Spec InvitationSpec `json:"spec"` Status InvitationStatus `json:"status,omitempty"` } diff --git a/apis/policies/v1beta1/zz_claimsmappingpolicy_types.go b/apis/policies/v1beta1/zz_claimsmappingpolicy_types.go index 51e011d6..1db32447 100755 --- a/apis/policies/v1beta1/zz_claimsmappingpolicy_types.go +++ b/apis/policies/v1beta1/zz_claimsmappingpolicy_types.go @@ -13,6 +13,17 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type ClaimsMappingPolicyInitParameters struct { + + // The claims mapping policy. This is a JSON formatted string, for which the jsonencode() function can be used. + // A string collection containing a JSON string that defines the rules and settings for this policy + Definition []*string `json:"definition,omitempty" tf:"definition,omitempty"` + + // The display name for this Claims Mapping Policy. + // Display name for this policy + DisplayName *string `json:"displayName,omitempty" tf:"display_name,omitempty"` +} + type ClaimsMappingPolicyObservation struct { // The claims mapping policy. This is a JSON formatted string, for which the jsonencode() function can be used. @@ -44,6 +55,18 @@ type ClaimsMappingPolicyParameters struct { type ClaimsMappingPolicySpec struct { v1.ResourceSpec `json:",inline"` ForProvider ClaimsMappingPolicyParameters `json:"forProvider"` + // THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored + // unless the relevant Crossplane feature flag is enabled, and may be + // changed or removed without notice. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider ClaimsMappingPolicyInitParameters `json:"initProvider,omitempty"` } // ClaimsMappingPolicyStatus defines the observed state of ClaimsMappingPolicy. @@ -64,8 +87,8 @@ type ClaimsMappingPolicyStatus struct { type ClaimsMappingPolicy struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - // +kubebuilder:validation:XValidation:rule="self.managementPolicy == 'ObserveOnly' || has(self.forProvider.definition)",message="definition is a required parameter" - // +kubebuilder:validation:XValidation:rule="self.managementPolicy == 'ObserveOnly' || has(self.forProvider.displayName)",message="displayName is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.definition) || has(self.initProvider.definition)",message="definition is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.displayName) || has(self.initProvider.displayName)",message="displayName is a required parameter" Spec ClaimsMappingPolicySpec `json:"spec"` Status ClaimsMappingPolicyStatus `json:"status,omitempty"` } diff --git a/apis/policies/v1beta1/zz_generated.deepcopy.go b/apis/policies/v1beta1/zz_generated.deepcopy.go index 2dcc7262..5599a170 100644 --- a/apis/policies/v1beta1/zz_generated.deepcopy.go +++ b/apis/policies/v1beta1/zz_generated.deepcopy.go @@ -40,6 +40,37 @@ func (in *ClaimsMappingPolicy) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ClaimsMappingPolicyInitParameters) DeepCopyInto(out *ClaimsMappingPolicyInitParameters) { + *out = *in + if in.Definition != nil { + in, out := &in.Definition, &out.Definition + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.DisplayName != nil { + in, out := &in.DisplayName, &out.DisplayName + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClaimsMappingPolicyInitParameters. +func (in *ClaimsMappingPolicyInitParameters) DeepCopy() *ClaimsMappingPolicyInitParameters { + if in == nil { + return nil + } + out := new(ClaimsMappingPolicyInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ClaimsMappingPolicyList) DeepCopyInto(out *ClaimsMappingPolicyList) { *out = *in @@ -144,6 +175,7 @@ func (in *ClaimsMappingPolicySpec) DeepCopyInto(out *ClaimsMappingPolicySpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClaimsMappingPolicySpec. diff --git a/apis/policies/v1beta1/zz_generated.managed.go b/apis/policies/v1beta1/zz_generated.managed.go index 59731560..fd400b6d 100644 --- a/apis/policies/v1beta1/zz_generated.managed.go +++ b/apis/policies/v1beta1/zz_generated.managed.go @@ -17,9 +17,9 @@ func (mg *ClaimsMappingPolicy) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } -// GetManagementPolicy of this ClaimsMappingPolicy. -func (mg *ClaimsMappingPolicy) GetManagementPolicy() xpv1.ManagementPolicy { - return mg.Spec.ManagementPolicy +// GetManagementPolicies of this ClaimsMappingPolicy. +func (mg *ClaimsMappingPolicy) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies } // GetProviderConfigReference of this ClaimsMappingPolicy. @@ -55,9 +55,9 @@ func (mg *ClaimsMappingPolicy) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } -// SetManagementPolicy of this ClaimsMappingPolicy. -func (mg *ClaimsMappingPolicy) SetManagementPolicy(r xpv1.ManagementPolicy) { - mg.Spec.ManagementPolicy = r +// SetManagementPolicies of this ClaimsMappingPolicy. +func (mg *ClaimsMappingPolicy) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r } // SetProviderConfigReference of this ClaimsMappingPolicy. diff --git a/apis/policies/v1beta1/zz_generated_terraformed.go b/apis/policies/v1beta1/zz_generated_terraformed.go index 86dd7cb8..23ed540e 100755 --- a/apis/policies/v1beta1/zz_generated_terraformed.go +++ b/apis/policies/v1beta1/zz_generated_terraformed.go @@ -69,6 +69,16 @@ func (tr *ClaimsMappingPolicy) SetParameters(params map[string]any) error { return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) } +// GetInitParameters of this ClaimsMappingPolicy +func (tr *ClaimsMappingPolicy) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + // LateInitialize this ClaimsMappingPolicy using its observed tfState. // returns True if there are any spec changes for the resource. func (tr *ClaimsMappingPolicy) LateInitialize(attrs []byte) (bool, error) { diff --git a/apis/serviceprincipaldelegated/v1beta1/zz_generated.deepcopy.go b/apis/serviceprincipaldelegated/v1beta1/zz_generated.deepcopy.go index bd783129..8d3b33c1 100644 --- a/apis/serviceprincipaldelegated/v1beta1/zz_generated.deepcopy.go +++ b/apis/serviceprincipaldelegated/v1beta1/zz_generated.deepcopy.go @@ -41,6 +41,32 @@ func (in *PermissionGrant) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PermissionGrantInitParameters) DeepCopyInto(out *PermissionGrantInitParameters) { + *out = *in + if in.ClaimValues != nil { + in, out := &in.ClaimValues, &out.ClaimValues + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PermissionGrantInitParameters. +func (in *PermissionGrantInitParameters) DeepCopy() *PermissionGrantInitParameters { + if in == nil { + return nil + } + out := new(PermissionGrantInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *PermissionGrantList) DeepCopyInto(out *PermissionGrantList) { *out = *in @@ -195,6 +221,7 @@ func (in *PermissionGrantSpec) DeepCopyInto(out *PermissionGrantSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PermissionGrantSpec. diff --git a/apis/serviceprincipaldelegated/v1beta1/zz_generated.managed.go b/apis/serviceprincipaldelegated/v1beta1/zz_generated.managed.go index e8e94713..f394fd2f 100644 --- a/apis/serviceprincipaldelegated/v1beta1/zz_generated.managed.go +++ b/apis/serviceprincipaldelegated/v1beta1/zz_generated.managed.go @@ -17,9 +17,9 @@ func (mg *PermissionGrant) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } -// GetManagementPolicy of this PermissionGrant. -func (mg *PermissionGrant) GetManagementPolicy() xpv1.ManagementPolicy { - return mg.Spec.ManagementPolicy +// GetManagementPolicies of this PermissionGrant. +func (mg *PermissionGrant) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies } // GetProviderConfigReference of this PermissionGrant. @@ -55,9 +55,9 @@ func (mg *PermissionGrant) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } -// SetManagementPolicy of this PermissionGrant. -func (mg *PermissionGrant) SetManagementPolicy(r xpv1.ManagementPolicy) { - mg.Spec.ManagementPolicy = r +// SetManagementPolicies of this PermissionGrant. +func (mg *PermissionGrant) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r } // SetProviderConfigReference of this PermissionGrant. diff --git a/apis/serviceprincipaldelegated/v1beta1/zz_generated_terraformed.go b/apis/serviceprincipaldelegated/v1beta1/zz_generated_terraformed.go index 487f6172..f4ec2ac2 100755 --- a/apis/serviceprincipaldelegated/v1beta1/zz_generated_terraformed.go +++ b/apis/serviceprincipaldelegated/v1beta1/zz_generated_terraformed.go @@ -69,6 +69,16 @@ func (tr *PermissionGrant) SetParameters(params map[string]any) error { return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) } +// GetInitParameters of this PermissionGrant +func (tr *PermissionGrant) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + // LateInitialize this PermissionGrant using its observed tfState. // returns True if there are any spec changes for the resource. func (tr *PermissionGrant) LateInitialize(attrs []byte) (bool, error) { diff --git a/apis/serviceprincipaldelegated/v1beta1/zz_permissiongrant_types.go b/apis/serviceprincipaldelegated/v1beta1/zz_permissiongrant_types.go index fe8099ab..c38d6d8d 100755 --- a/apis/serviceprincipaldelegated/v1beta1/zz_permissiongrant_types.go +++ b/apis/serviceprincipaldelegated/v1beta1/zz_permissiongrant_types.go @@ -13,6 +13,13 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type PermissionGrantInitParameters struct { + + // - A set of claim values for delegated permission scopes which should be included in access tokens for the resource. + // A set of claim values for delegated permission scopes which should be included in access tokens for the resource + ClaimValues []*string `json:"claimValues,omitempty" tf:"claim_values,omitempty"` +} + type PermissionGrantObservation struct { // - A set of claim values for delegated permission scopes which should be included in access tokens for the resource. @@ -90,6 +97,18 @@ type PermissionGrantParameters struct { type PermissionGrantSpec struct { v1.ResourceSpec `json:",inline"` ForProvider PermissionGrantParameters `json:"forProvider"` + // THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored + // unless the relevant Crossplane feature flag is enabled, and may be + // changed or removed without notice. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider PermissionGrantInitParameters `json:"initProvider,omitempty"` } // PermissionGrantStatus defines the observed state of PermissionGrant. @@ -110,7 +129,7 @@ type PermissionGrantStatus struct { type PermissionGrant struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - // +kubebuilder:validation:XValidation:rule="self.managementPolicy == 'ObserveOnly' || has(self.forProvider.claimValues)",message="claimValues is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.claimValues) || has(self.initProvider.claimValues)",message="claimValues is a required parameter" Spec PermissionGrantSpec `json:"spec"` Status PermissionGrantStatus `json:"status,omitempty"` } diff --git a/apis/serviceprincipals/v1beta1/zz_certificate_types.go b/apis/serviceprincipals/v1beta1/zz_certificate_types.go index 630bfcc3..afc00ee8 100755 --- a/apis/serviceprincipals/v1beta1/zz_certificate_types.go +++ b/apis/serviceprincipals/v1beta1/zz_certificate_types.go @@ -13,6 +13,33 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type CertificateInitParameters struct { + + // Specifies the encoding used for the supplied certificate data. Must be one of pem, base64 or hex. Defaults to pem. + // Specifies the encoding used for the supplied certificate data + Encoding *string `json:"encoding,omitempty" tf:"encoding,omitempty"` + + // The end date until which the certificate is valid, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z). Changing this field forces a new resource to be created. + // The end date until which the certificate is valid, formatted as an RFC3339 date string (e.g. `2018-01-01T01:02:03Z`) + EndDate *string `json:"endDate,omitempty" tf:"end_date,omitempty"` + + // A relative duration for which the certificate is valid until, for example 240h (10 days) or 2400h30m. Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". Changing this field forces a new resource to be created. + // A relative duration for which the certificate is valid until, for example `240h` (10 days) or `2400h30m`. Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h" + EndDateRelative *string `json:"endDateRelative,omitempty" tf:"end_date_relative,omitempty"` + + // A UUID used to uniquely identify this certificate. If not specified a UUID will be automatically generated. Changing this field forces a new resource to be created. + // A UUID used to uniquely identify this certificate. If not specified a UUID will be automatically generated + KeyID *string `json:"keyId,omitempty" tf:"key_id,omitempty"` + + // The start date from which the certificate is valid, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z). If this isn't specified, the value is determined by Azure Active Directory and is usually the start date of the certificate for asymmetric keys, or the current timestamp for symmetric keys. Changing this field forces a new resource to be created. + // The start date from which the certificate is valid, formatted as an RFC3339 date string (e.g. `2018-01-01T01:02:03Z`). If this isn't specified, the current date is used + StartDate *string `json:"startDate,omitempty" tf:"start_date,omitempty"` + + // The type of key/certificate. Must be one of AsymmetricX509Cert or Symmetric. Changing this fields forces a new resource to be created. + // The type of key/certificate + Type *string `json:"type,omitempty" tf:"type,omitempty"` +} + type CertificateObservation struct { // Specifies the encoding used for the supplied certificate data. Must be one of pem, base64 or hex. Defaults to pem. @@ -102,6 +129,18 @@ type CertificateParameters struct { type CertificateSpec struct { v1.ResourceSpec `json:",inline"` ForProvider CertificateParameters `json:"forProvider"` + // THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored + // unless the relevant Crossplane feature flag is enabled, and may be + // changed or removed without notice. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider CertificateInitParameters `json:"initProvider,omitempty"` } // CertificateStatus defines the observed state of Certificate. @@ -122,7 +161,7 @@ type CertificateStatus struct { type Certificate struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - // +kubebuilder:validation:XValidation:rule="self.managementPolicy == 'ObserveOnly' || has(self.forProvider.valueSecretRef)",message="valueSecretRef is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.valueSecretRef)",message="valueSecretRef is a required parameter" Spec CertificateSpec `json:"spec"` Status CertificateStatus `json:"status,omitempty"` } diff --git a/apis/serviceprincipals/v1beta1/zz_claimsmappingpolicyassignment_types.go b/apis/serviceprincipals/v1beta1/zz_claimsmappingpolicyassignment_types.go index 298b14ad..cfdfe14a 100755 --- a/apis/serviceprincipals/v1beta1/zz_claimsmappingpolicyassignment_types.go +++ b/apis/serviceprincipals/v1beta1/zz_claimsmappingpolicyassignment_types.go @@ -13,6 +13,9 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type ClaimsMappingPolicyAssignmentInitParameters struct { +} + type ClaimsMappingPolicyAssignmentObservation struct { // The ID of the claims mapping policy to assign. @@ -62,6 +65,18 @@ type ClaimsMappingPolicyAssignmentParameters struct { type ClaimsMappingPolicyAssignmentSpec struct { v1.ResourceSpec `json:",inline"` ForProvider ClaimsMappingPolicyAssignmentParameters `json:"forProvider"` + // THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored + // unless the relevant Crossplane feature flag is enabled, and may be + // changed or removed without notice. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider ClaimsMappingPolicyAssignmentInitParameters `json:"initProvider,omitempty"` } // ClaimsMappingPolicyAssignmentStatus defines the observed state of ClaimsMappingPolicyAssignment. diff --git a/apis/serviceprincipals/v1beta1/zz_generated.deepcopy.go b/apis/serviceprincipals/v1beta1/zz_generated.deepcopy.go index 67410c1d..d003630d 100644 --- a/apis/serviceprincipals/v1beta1/zz_generated.deepcopy.go +++ b/apis/serviceprincipals/v1beta1/zz_generated.deepcopy.go @@ -14,6 +14,21 @@ import ( runtime "k8s.io/apimachinery/pkg/runtime" ) +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AppRolesInitParameters) DeepCopyInto(out *AppRolesInitParameters) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AppRolesInitParameters. +func (in *AppRolesInitParameters) DeepCopy() *AppRolesInitParameters { + if in == nil { + return nil + } + out := new(AppRolesInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *AppRolesObservation) DeepCopyInto(out *AppRolesObservation) { *out = *in @@ -107,6 +122,51 @@ func (in *Certificate) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CertificateInitParameters) DeepCopyInto(out *CertificateInitParameters) { + *out = *in + if in.Encoding != nil { + in, out := &in.Encoding, &out.Encoding + *out = new(string) + **out = **in + } + if in.EndDate != nil { + in, out := &in.EndDate, &out.EndDate + *out = new(string) + **out = **in + } + if in.EndDateRelative != nil { + in, out := &in.EndDateRelative, &out.EndDateRelative + *out = new(string) + **out = **in + } + if in.KeyID != nil { + in, out := &in.KeyID, &out.KeyID + *out = new(string) + **out = **in + } + if in.StartDate != nil { + in, out := &in.StartDate, &out.StartDate + *out = new(string) + **out = **in + } + if in.Type != nil { + in, out := &in.Type, &out.Type + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateInitParameters. +func (in *CertificateInitParameters) DeepCopy() *CertificateInitParameters { + if in == nil { + return nil + } + out := new(CertificateInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *CertificateList) DeepCopyInto(out *CertificateList) { *out = *in @@ -260,6 +320,7 @@ func (in *CertificateSpec) DeepCopyInto(out *CertificateSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateSpec. @@ -316,6 +377,21 @@ func (in *ClaimsMappingPolicyAssignment) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ClaimsMappingPolicyAssignmentInitParameters) DeepCopyInto(out *ClaimsMappingPolicyAssignmentInitParameters) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClaimsMappingPolicyAssignmentInitParameters. +func (in *ClaimsMappingPolicyAssignmentInitParameters) DeepCopy() *ClaimsMappingPolicyAssignmentInitParameters { + if in == nil { + return nil + } + out := new(ClaimsMappingPolicyAssignmentInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ClaimsMappingPolicyAssignmentList) DeepCopyInto(out *ClaimsMappingPolicyAssignmentList) { *out = *in @@ -428,6 +504,7 @@ func (in *ClaimsMappingPolicyAssignmentSpec) DeepCopyInto(out *ClaimsMappingPoli *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + out.InitProvider = in.InitProvider } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClaimsMappingPolicyAssignmentSpec. @@ -457,6 +534,41 @@ func (in *ClaimsMappingPolicyAssignmentStatus) DeepCopy() *ClaimsMappingPolicyAs return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *FeatureTagsInitParameters) DeepCopyInto(out *FeatureTagsInitParameters) { + *out = *in + if in.CustomSingleSignOn != nil { + in, out := &in.CustomSingleSignOn, &out.CustomSingleSignOn + *out = new(bool) + **out = **in + } + if in.Enterprise != nil { + in, out := &in.Enterprise, &out.Enterprise + *out = new(bool) + **out = **in + } + if in.Gallery != nil { + in, out := &in.Gallery, &out.Gallery + *out = new(bool) + **out = **in + } + if in.Hide != nil { + in, out := &in.Hide, &out.Hide + *out = new(bool) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FeatureTagsInitParameters. +func (in *FeatureTagsInitParameters) DeepCopy() *FeatureTagsInitParameters { + if in == nil { + return nil + } + out := new(FeatureTagsInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *FeatureTagsObservation) DeepCopyInto(out *FeatureTagsObservation) { *out = *in @@ -527,6 +639,21 @@ func (in *FeatureTagsParameters) DeepCopy() *FeatureTagsParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Oauth2PermissionScopesInitParameters) DeepCopyInto(out *Oauth2PermissionScopesInitParameters) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Oauth2PermissionScopesInitParameters. +func (in *Oauth2PermissionScopesInitParameters) DeepCopy() *Oauth2PermissionScopesInitParameters { + if in == nil { + return nil + } + out := new(Oauth2PermissionScopesInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Oauth2PermissionScopesObservation) DeepCopyInto(out *Oauth2PermissionScopesObservation) { *out = *in @@ -624,6 +751,56 @@ func (in *Password) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PasswordInitParameters) DeepCopyInto(out *PasswordInitParameters) { + *out = *in + if in.DisplayName != nil { + in, out := &in.DisplayName, &out.DisplayName + *out = new(string) + **out = **in + } + if in.EndDate != nil { + in, out := &in.EndDate, &out.EndDate + *out = new(string) + **out = **in + } + if in.EndDateRelative != nil { + in, out := &in.EndDateRelative, &out.EndDateRelative + *out = new(string) + **out = **in + } + if in.RotateWhenChanged != nil { + in, out := &in.RotateWhenChanged, &out.RotateWhenChanged + *out = make(map[string]*string, len(*in)) + for key, val := range *in { + var outVal *string + if val == nil { + (*out)[key] = nil + } else { + in, out := &val, &outVal + *out = new(string) + **out = **in + } + (*out)[key] = outVal + } + } + if in.StartDate != nil { + in, out := &in.StartDate, &out.StartDate + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PasswordInitParameters. +func (in *PasswordInitParameters) DeepCopy() *PasswordInitParameters { + if in == nil { + return nil + } + out := new(PasswordInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *PasswordList) DeepCopyInto(out *PasswordList) { *out = *in @@ -791,6 +968,7 @@ func (in *PasswordSpec) DeepCopyInto(out *PasswordSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PasswordSpec. @@ -847,6 +1025,114 @@ func (in *Principal) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PrincipalInitParameters) DeepCopyInto(out *PrincipalInitParameters) { + *out = *in + if in.AccountEnabled != nil { + in, out := &in.AccountEnabled, &out.AccountEnabled + *out = new(bool) + **out = **in + } + if in.AlternativeNames != nil { + in, out := &in.AlternativeNames, &out.AlternativeNames + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.AppRoleAssignmentRequired != nil { + in, out := &in.AppRoleAssignmentRequired, &out.AppRoleAssignmentRequired + *out = new(bool) + **out = **in + } + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } + if in.FeatureTags != nil { + in, out := &in.FeatureTags, &out.FeatureTags + *out = make([]FeatureTagsInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.LoginURL != nil { + in, out := &in.LoginURL, &out.LoginURL + *out = new(string) + **out = **in + } + if in.Notes != nil { + in, out := &in.Notes, &out.Notes + *out = new(string) + **out = **in + } + if in.NotificationEmailAddresses != nil { + in, out := &in.NotificationEmailAddresses, &out.NotificationEmailAddresses + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.Owners != nil { + in, out := &in.Owners, &out.Owners + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.PreferredSingleSignOnMode != nil { + in, out := &in.PreferredSingleSignOnMode, &out.PreferredSingleSignOnMode + *out = new(string) + **out = **in + } + if in.SAMLSingleSignOn != nil { + in, out := &in.SAMLSingleSignOn, &out.SAMLSingleSignOn + *out = make([]SAMLSingleSignOnInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Tags != nil { + in, out := &in.Tags, &out.Tags + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.UseExisting != nil { + in, out := &in.UseExisting, &out.UseExisting + *out = new(bool) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PrincipalInitParameters. +func (in *PrincipalInitParameters) DeepCopy() *PrincipalInitParameters { + if in == nil { + return nil + } + out := new(PrincipalInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *PrincipalList) DeepCopyInto(out *PrincipalList) { *out = *in @@ -1231,6 +1517,7 @@ func (in *PrincipalSpec) DeepCopyInto(out *PrincipalSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PrincipalSpec. @@ -1260,6 +1547,26 @@ func (in *PrincipalStatus) DeepCopy() *PrincipalStatus { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SAMLSingleSignOnInitParameters) DeepCopyInto(out *SAMLSingleSignOnInitParameters) { + *out = *in + if in.RelayState != nil { + in, out := &in.RelayState, &out.RelayState + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SAMLSingleSignOnInitParameters. +func (in *SAMLSingleSignOnInitParameters) DeepCopy() *SAMLSingleSignOnInitParameters { + if in == nil { + return nil + } + out := new(SAMLSingleSignOnInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *SAMLSingleSignOnObservation) DeepCopyInto(out *SAMLSingleSignOnObservation) { *out = *in @@ -1327,6 +1634,31 @@ func (in *TokenSigningCertificate) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TokenSigningCertificateInitParameters) DeepCopyInto(out *TokenSigningCertificateInitParameters) { + *out = *in + if in.DisplayName != nil { + in, out := &in.DisplayName, &out.DisplayName + *out = new(string) + **out = **in + } + if in.EndDate != nil { + in, out := &in.EndDate, &out.EndDate + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenSigningCertificateInitParameters. +func (in *TokenSigningCertificateInitParameters) DeepCopy() *TokenSigningCertificateInitParameters { + if in == nil { + return nil + } + out := new(TokenSigningCertificateInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *TokenSigningCertificateList) DeepCopyInto(out *TokenSigningCertificateList) { *out = *in @@ -1454,6 +1786,7 @@ func (in *TokenSigningCertificateSpec) DeepCopyInto(out *TokenSigningCertificate *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenSigningCertificateSpec. diff --git a/apis/serviceprincipals/v1beta1/zz_generated.managed.go b/apis/serviceprincipals/v1beta1/zz_generated.managed.go index d60e3cd1..525485ab 100644 --- a/apis/serviceprincipals/v1beta1/zz_generated.managed.go +++ b/apis/serviceprincipals/v1beta1/zz_generated.managed.go @@ -17,9 +17,9 @@ func (mg *Certificate) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } -// GetManagementPolicy of this Certificate. -func (mg *Certificate) GetManagementPolicy() xpv1.ManagementPolicy { - return mg.Spec.ManagementPolicy +// GetManagementPolicies of this Certificate. +func (mg *Certificate) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies } // GetProviderConfigReference of this Certificate. @@ -55,9 +55,9 @@ func (mg *Certificate) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } -// SetManagementPolicy of this Certificate. -func (mg *Certificate) SetManagementPolicy(r xpv1.ManagementPolicy) { - mg.Spec.ManagementPolicy = r +// SetManagementPolicies of this Certificate. +func (mg *Certificate) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r } // SetProviderConfigReference of this Certificate. @@ -93,9 +93,9 @@ func (mg *ClaimsMappingPolicyAssignment) GetDeletionPolicy() xpv1.DeletionPolicy return mg.Spec.DeletionPolicy } -// GetManagementPolicy of this ClaimsMappingPolicyAssignment. -func (mg *ClaimsMappingPolicyAssignment) GetManagementPolicy() xpv1.ManagementPolicy { - return mg.Spec.ManagementPolicy +// GetManagementPolicies of this ClaimsMappingPolicyAssignment. +func (mg *ClaimsMappingPolicyAssignment) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies } // GetProviderConfigReference of this ClaimsMappingPolicyAssignment. @@ -131,9 +131,9 @@ func (mg *ClaimsMappingPolicyAssignment) SetDeletionPolicy(r xpv1.DeletionPolicy mg.Spec.DeletionPolicy = r } -// SetManagementPolicy of this ClaimsMappingPolicyAssignment. -func (mg *ClaimsMappingPolicyAssignment) SetManagementPolicy(r xpv1.ManagementPolicy) { - mg.Spec.ManagementPolicy = r +// SetManagementPolicies of this ClaimsMappingPolicyAssignment. +func (mg *ClaimsMappingPolicyAssignment) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r } // SetProviderConfigReference of this ClaimsMappingPolicyAssignment. @@ -169,9 +169,9 @@ func (mg *Password) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } -// GetManagementPolicy of this Password. -func (mg *Password) GetManagementPolicy() xpv1.ManagementPolicy { - return mg.Spec.ManagementPolicy +// GetManagementPolicies of this Password. +func (mg *Password) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies } // GetProviderConfigReference of this Password. @@ -207,9 +207,9 @@ func (mg *Password) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } -// SetManagementPolicy of this Password. -func (mg *Password) SetManagementPolicy(r xpv1.ManagementPolicy) { - mg.Spec.ManagementPolicy = r +// SetManagementPolicies of this Password. +func (mg *Password) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r } // SetProviderConfigReference of this Password. @@ -245,9 +245,9 @@ func (mg *Principal) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } -// GetManagementPolicy of this Principal. -func (mg *Principal) GetManagementPolicy() xpv1.ManagementPolicy { - return mg.Spec.ManagementPolicy +// GetManagementPolicies of this Principal. +func (mg *Principal) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies } // GetProviderConfigReference of this Principal. @@ -283,9 +283,9 @@ func (mg *Principal) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } -// SetManagementPolicy of this Principal. -func (mg *Principal) SetManagementPolicy(r xpv1.ManagementPolicy) { - mg.Spec.ManagementPolicy = r +// SetManagementPolicies of this Principal. +func (mg *Principal) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r } // SetProviderConfigReference of this Principal. @@ -321,9 +321,9 @@ func (mg *TokenSigningCertificate) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } -// GetManagementPolicy of this TokenSigningCertificate. -func (mg *TokenSigningCertificate) GetManagementPolicy() xpv1.ManagementPolicy { - return mg.Spec.ManagementPolicy +// GetManagementPolicies of this TokenSigningCertificate. +func (mg *TokenSigningCertificate) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies } // GetProviderConfigReference of this TokenSigningCertificate. @@ -359,9 +359,9 @@ func (mg *TokenSigningCertificate) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } -// SetManagementPolicy of this TokenSigningCertificate. -func (mg *TokenSigningCertificate) SetManagementPolicy(r xpv1.ManagementPolicy) { - mg.Spec.ManagementPolicy = r +// SetManagementPolicies of this TokenSigningCertificate. +func (mg *TokenSigningCertificate) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r } // SetProviderConfigReference of this TokenSigningCertificate. diff --git a/apis/serviceprincipals/v1beta1/zz_generated_terraformed.go b/apis/serviceprincipals/v1beta1/zz_generated_terraformed.go index 0217af12..af829092 100755 --- a/apis/serviceprincipals/v1beta1/zz_generated_terraformed.go +++ b/apis/serviceprincipals/v1beta1/zz_generated_terraformed.go @@ -69,6 +69,16 @@ func (tr *Principal) SetParameters(params map[string]any) error { return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) } +// GetInitParameters of this Principal +func (tr *Principal) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + // LateInitialize this Principal using its observed tfState. // returns True if there are any spec changes for the resource. func (tr *Principal) LateInitialize(attrs []byte) (bool, error) { @@ -144,6 +154,16 @@ func (tr *Certificate) SetParameters(params map[string]any) error { return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) } +// GetInitParameters of this Certificate +func (tr *Certificate) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + // LateInitialize this Certificate using its observed tfState. // returns True if there are any spec changes for the resource. func (tr *Certificate) LateInitialize(attrs []byte) (bool, error) { @@ -218,6 +238,16 @@ func (tr *ClaimsMappingPolicyAssignment) SetParameters(params map[string]any) er return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) } +// GetInitParameters of this ClaimsMappingPolicyAssignment +func (tr *ClaimsMappingPolicyAssignment) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + // LateInitialize this ClaimsMappingPolicyAssignment using its observed tfState. // returns True if there are any spec changes for the resource. func (tr *ClaimsMappingPolicyAssignment) LateInitialize(attrs []byte) (bool, error) { @@ -292,6 +322,16 @@ func (tr *Password) SetParameters(params map[string]any) error { return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) } +// GetInitParameters of this Password +func (tr *Password) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + // LateInitialize this Password using its observed tfState. // returns True if there are any spec changes for the resource. func (tr *Password) LateInitialize(attrs []byte) (bool, error) { @@ -366,6 +406,16 @@ func (tr *TokenSigningCertificate) SetParameters(params map[string]any) error { return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) } +// GetInitParameters of this TokenSigningCertificate +func (tr *TokenSigningCertificate) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + // LateInitialize this TokenSigningCertificate using its observed tfState. // returns True if there are any spec changes for the resource. func (tr *TokenSigningCertificate) LateInitialize(attrs []byte) (bool, error) { diff --git a/apis/serviceprincipals/v1beta1/zz_password_types.go b/apis/serviceprincipals/v1beta1/zz_password_types.go index 0d7dcd75..c02b1e0d 100755 --- a/apis/serviceprincipals/v1beta1/zz_password_types.go +++ b/apis/serviceprincipals/v1beta1/zz_password_types.go @@ -13,6 +13,29 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type PasswordInitParameters struct { + + // A display name for the password. + // A display name for the password + DisplayName *string `json:"displayName,omitempty" tf:"display_name,omitempty"` + + // The end date until which the password is valid, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z). Changing this field forces a new resource to be created. + // The end date until which the password is valid, formatted as an RFC3339 date string (e.g. `2018-01-01T01:02:03Z`) + EndDate *string `json:"endDate,omitempty" tf:"end_date,omitempty"` + + // A relative duration for which the password is valid until, for example 240h (10 days) or 2400h30m. Changing this field forces a new resource to be created. + // A relative duration for which the password is valid until, for example `240h` (10 days) or `2400h30m`. Changing this field forces a new resource to be created + EndDateRelative *string `json:"endDateRelative,omitempty" tf:"end_date_relative,omitempty"` + + // A map of arbitrary key/value pairs that will force recreation of the password when they change, enabling password rotation based on external conditions such as a rotating timestamp. Changing this forces a new resource to be created. + // Arbitrary map of values that, when changed, will trigger rotation of the password + RotateWhenChanged map[string]*string `json:"rotateWhenChanged,omitempty" tf:"rotate_when_changed,omitempty"` + + // The start date from which the password is valid, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z). If this isn't specified, the current date is used. Changing this field forces a new resource to be created. + // The start date from which the password is valid, formatted as an RFC3339 date string (e.g. `2018-01-01T01:02:03Z`). If this isn't specified, the current date is used + StartDate *string `json:"startDate,omitempty" tf:"start_date,omitempty"` +} + type PasswordObservation struct { // A display name for the password. @@ -92,6 +115,18 @@ type PasswordParameters struct { type PasswordSpec struct { v1.ResourceSpec `json:",inline"` ForProvider PasswordParameters `json:"forProvider"` + // THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored + // unless the relevant Crossplane feature flag is enabled, and may be + // changed or removed without notice. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider PasswordInitParameters `json:"initProvider,omitempty"` } // PasswordStatus defines the observed state of Password. diff --git a/apis/serviceprincipals/v1beta1/zz_principal_types.go b/apis/serviceprincipals/v1beta1/zz_principal_types.go index 8dfa73e1..8a7fb189 100755 --- a/apis/serviceprincipals/v1beta1/zz_principal_types.go +++ b/apis/serviceprincipals/v1beta1/zz_principal_types.go @@ -13,6 +13,9 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type AppRolesInitParameters struct { +} + type AppRolesObservation struct { // Specifies whether this app role definition can be assigned to users and groups, or to other applications (that are accessing this application in a standalone scenario). Possible values are: User and Application, or both. @@ -37,6 +40,25 @@ type AppRolesObservation struct { type AppRolesParameters struct { } +type FeatureTagsInitParameters struct { + + // Whether this service principal represents a custom SAML application. Enabling this will assign the WindowsAzureActiveDirectoryCustomSingleSignOnApplication tag. Defaults to false. + // Whether this service principal represents a custom SAML application + CustomSingleSignOn *bool `json:"customSingleSignOn,omitempty" tf:"custom_single_sign_on,omitempty"` + + // Whether this service principal represents an Enterprise Application. Enabling this will assign the WindowsAzureActiveDirectoryIntegratedApp tag. Defaults to false. + // Whether this service principal represents an Enterprise Application + Enterprise *bool `json:"enterprise,omitempty" tf:"enterprise,omitempty"` + + // Whether this service principal represents a gallery application. Enabling this will assign the WindowsAzureActiveDirectoryGalleryApplicationNonPrimaryV1 tag. Defaults to false. + // Whether this service principal represents a gallery application + Gallery *bool `json:"gallery,omitempty" tf:"gallery,omitempty"` + + // Whether this app is invisible to users in My Apps and Office 365 Launcher. Enabling this will assign the HideApp tag. Defaults to false. + // Whether this app is invisible to users in My Apps and Office 365 Launcher + Hide *bool `json:"hide,omitempty" tf:"hide,omitempty"` +} + type FeatureTagsObservation struct { // Whether this service principal represents a custom SAML application. Enabling this will assign the WindowsAzureActiveDirectoryCustomSingleSignOnApplication tag. Defaults to false. @@ -79,6 +101,9 @@ type FeatureTagsParameters struct { Hide *bool `json:"hide,omitempty" tf:"hide,omitempty"` } +type Oauth2PermissionScopesInitParameters struct { +} + type Oauth2PermissionScopesObservation struct { // Delegated permission description that appears in all tenant-wide admin consent experiences, intended to be read by an administrator granting the permission on behalf of all users. @@ -109,6 +134,61 @@ type Oauth2PermissionScopesObservation struct { type Oauth2PermissionScopesParameters struct { } +type PrincipalInitParameters struct { + + // Whether or not the service principal account is enabled. Defaults to true. + // Whether or not the service principal account is enabled + AccountEnabled *bool `json:"accountEnabled,omitempty" tf:"account_enabled,omitempty"` + + // A set of alternative names, used to retrieve service principals by subscription, identify resource group and full resource ids for managed identities. + // A list of alternative names, used to retrieve service principals by subscription, identify resource group and full resource ids for managed identities + AlternativeNames []*string `json:"alternativeNames,omitempty" tf:"alternative_names,omitempty"` + + // Whether this service principal requires an app role assignment to a user or group before Azure AD will issue a user or access token to the application. Defaults to false. + // Whether this service principal requires an app role assignment to a user or group before Azure AD will issue a user or access token to the application + AppRoleAssignmentRequired *bool `json:"appRoleAssignmentRequired,omitempty" tf:"app_role_assignment_required,omitempty"` + + // A description of the service principal provided for internal end-users. + // Description of the service principal provided for internal end-users + Description *string `json:"description,omitempty" tf:"description,omitempty"` + + // A feature_tags block as described below. Cannot be used together with the tags property. + // Block of features to configure for this service principal using tags + FeatureTags []FeatureTagsInitParameters `json:"featureTags,omitempty" tf:"feature_tags,omitempty"` + + // The URL where the service provider redirects the user to Azure AD to authenticate. Azure AD uses the URL to launch the application from Microsoft 365 or the Azure AD My Apps. When blank, Azure AD performs IdP-initiated sign-on for applications configured with SAML-based single sign-on. + // The URL where the service provider redirects the user to Azure AD to authenticate. Azure AD uses the URL to launch the application from Microsoft 365 or the Azure AD My Apps. When blank, Azure AD performs IdP-initiated sign-on for applications configured with SAML-based single sign-on + LoginURL *string `json:"loginUrl,omitempty" tf:"login_url,omitempty"` + + // A free text field to capture information about the service principal, typically used for operational purposes. + // Free text field to capture information about the service principal, typically used for operational purposes + Notes *string `json:"notes,omitempty" tf:"notes,omitempty"` + + // A set of email addresses where Azure AD sends a notification when the active certificate is near the expiration date. This is only for the certificates used to sign the SAML token issued for Azure AD Gallery applications. + // List of email addresses where Azure AD sends a notification when the active certificate is near the expiration date. This is only for the certificates used to sign the SAML token issued for Azure AD Gallery applications + NotificationEmailAddresses []*string `json:"notificationEmailAddresses,omitempty" tf:"notification_email_addresses,omitempty"` + + // A set of object IDs of principals that will be granted ownership of the service principal. Supported object types are users or service principals. By default, no owners are assigned. + // A list of object IDs of principals that will be granted ownership of the service principal + Owners []*string `json:"owners,omitempty" tf:"owners,omitempty"` + + // The single sign-on mode configured for this application. Azure AD uses the preferred single sign-on mode to launch the application from Microsoft 365 or the Azure AD My Apps. Supported values are oidc, password, saml or notSupported. Omit this property or specify a blank string to unset. + // The single sign-on mode configured for this application. Azure AD uses the preferred single sign-on mode to launch the application from Microsoft 365 or the Azure AD My Apps + PreferredSingleSignOnMode *string `json:"preferredSingleSignOnMode,omitempty" tf:"preferred_single_sign_on_mode,omitempty"` + + // A saml_single_sign_on block as documented below. + // Settings related to SAML single sign-on + SAMLSingleSignOn []SAMLSingleSignOnInitParameters `json:"samlSingleSignOn,omitempty" tf:"saml_single_sign_on,omitempty"` + + // A set of tags to apply to the service principal for configuring specific behaviours of the service principal. Note that these are not provided for use by practitioners. Cannot be used together with the feature_tags block. + // A set of tags to apply to the service principal + Tags []*string `json:"tags,omitempty" tf:"tags,omitempty"` + + // When true, any existing service principal linked to the same application will be automatically imported. When false, an import error will be raised for any pre-existing service principal. + // When true, the resource will return an existing service principal instead of failing with an error + UseExisting *bool `json:"useExisting,omitempty" tf:"use_existing,omitempty"` +} + type PrincipalObservation struct { // Whether or not the service principal account is enabled. Defaults to true. @@ -308,6 +388,13 @@ type PrincipalParameters struct { UseExisting *bool `json:"useExisting,omitempty" tf:"use_existing,omitempty"` } +type SAMLSingleSignOnInitParameters struct { + + // The relative URI the service provider would redirect to after completion of the single sign-on flow. + // The relative URI the service provider would redirect to after completion of the single sign-on flow + RelayState *string `json:"relayState,omitempty" tf:"relay_state,omitempty"` +} + type SAMLSingleSignOnObservation struct { // The relative URI the service provider would redirect to after completion of the single sign-on flow. @@ -327,6 +414,18 @@ type SAMLSingleSignOnParameters struct { type PrincipalSpec struct { v1.ResourceSpec `json:",inline"` ForProvider PrincipalParameters `json:"forProvider"` + // THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored + // unless the relevant Crossplane feature flag is enabled, and may be + // changed or removed without notice. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider PrincipalInitParameters `json:"initProvider,omitempty"` } // PrincipalStatus defines the observed state of Principal. diff --git a/apis/serviceprincipals/v1beta1/zz_tokensigningcertificate_types.go b/apis/serviceprincipals/v1beta1/zz_tokensigningcertificate_types.go index 4a8d7245..b3425463 100755 --- a/apis/serviceprincipals/v1beta1/zz_tokensigningcertificate_types.go +++ b/apis/serviceprincipals/v1beta1/zz_tokensigningcertificate_types.go @@ -13,6 +13,18 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type TokenSigningCertificateInitParameters struct { + + // Specifies a friendly name for the certificate. + // Must start with CN=. Changing this field forces a new resource to be created. + // A friendly name for the certificate + DisplayName *string `json:"displayName,omitempty" tf:"display_name,omitempty"` + + // The end date until which the token signing certificate is valid, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z). Changing this field forces a new resource to be created. + // The end date until which the certificate is valid, formatted as an RFC3339 date string (e.g. `2018-01-01T01:02:03Z`). Default is 3 years from current date. + EndDate *string `json:"endDate,omitempty" tf:"end_date,omitempty"` +} + type TokenSigningCertificateObservation struct { // Specifies a friendly name for the certificate. @@ -75,6 +87,18 @@ type TokenSigningCertificateParameters struct { type TokenSigningCertificateSpec struct { v1.ResourceSpec `json:",inline"` ForProvider TokenSigningCertificateParameters `json:"forProvider"` + // THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored + // unless the relevant Crossplane feature flag is enabled, and may be + // changed or removed without notice. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider TokenSigningCertificateInitParameters `json:"initProvider,omitempty"` } // TokenSigningCertificateStatus defines the observed state of TokenSigningCertificate. diff --git a/apis/synchronization/v1beta1/zz_generated.deepcopy.go b/apis/synchronization/v1beta1/zz_generated.deepcopy.go index 146efc6e..89ac5503 100644 --- a/apis/synchronization/v1beta1/zz_generated.deepcopy.go +++ b/apis/synchronization/v1beta1/zz_generated.deepcopy.go @@ -14,6 +14,26 @@ import ( runtime "k8s.io/apimachinery/pkg/runtime" ) +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CredentialInitParameters) DeepCopyInto(out *CredentialInitParameters) { + *out = *in + if in.Key != nil { + in, out := &in.Key, &out.Key + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialInitParameters. +func (in *CredentialInitParameters) DeepCopy() *CredentialInitParameters { + if in == nil { + return nil + } + out := new(CredentialInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *CredentialObservation) DeepCopyInto(out *CredentialObservation) { *out = *in @@ -82,6 +102,31 @@ func (in *Job) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *JobInitParameters) DeepCopyInto(out *JobInitParameters) { + *out = *in + if in.Enabled != nil { + in, out := &in.Enabled, &out.Enabled + *out = new(bool) + **out = **in + } + if in.TemplateID != nil { + in, out := &in.TemplateID, &out.TemplateID + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new JobInitParameters. +func (in *JobInitParameters) DeepCopy() *JobInitParameters { + if in == nil { + return nil + } + out := new(JobInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *JobList) DeepCopyInto(out *JobList) { *out = *in @@ -201,6 +246,7 @@ func (in *JobSpec) DeepCopyInto(out *JobSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new JobSpec. @@ -230,6 +276,21 @@ func (in *JobStatus) DeepCopy() *JobStatus { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ScheduleInitParameters) DeepCopyInto(out *ScheduleInitParameters) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ScheduleInitParameters. +func (in *ScheduleInitParameters) DeepCopy() *ScheduleInitParameters { + if in == nil { + return nil + } + out := new(ScheduleInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ScheduleObservation) DeepCopyInto(out *ScheduleObservation) { *out = *in @@ -302,6 +363,28 @@ func (in *Secret) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SecretInitParameters) DeepCopyInto(out *SecretInitParameters) { + *out = *in + if in.Credential != nil { + in, out := &in.Credential, &out.Credential + *out = make([]CredentialInitParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretInitParameters. +func (in *SecretInitParameters) DeepCopy() *SecretInitParameters { + if in == nil { + return nil + } + out := new(SecretInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *SecretList) DeepCopyInto(out *SecretList) { *out = *in @@ -408,6 +491,7 @@ func (in *SecretSpec) DeepCopyInto(out *SecretSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretSpec. diff --git a/apis/synchronization/v1beta1/zz_generated.managed.go b/apis/synchronization/v1beta1/zz_generated.managed.go index 53d68ea7..682f61dd 100644 --- a/apis/synchronization/v1beta1/zz_generated.managed.go +++ b/apis/synchronization/v1beta1/zz_generated.managed.go @@ -17,9 +17,9 @@ func (mg *Job) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } -// GetManagementPolicy of this Job. -func (mg *Job) GetManagementPolicy() xpv1.ManagementPolicy { - return mg.Spec.ManagementPolicy +// GetManagementPolicies of this Job. +func (mg *Job) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies } // GetProviderConfigReference of this Job. @@ -55,9 +55,9 @@ func (mg *Job) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } -// SetManagementPolicy of this Job. -func (mg *Job) SetManagementPolicy(r xpv1.ManagementPolicy) { - mg.Spec.ManagementPolicy = r +// SetManagementPolicies of this Job. +func (mg *Job) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r } // SetProviderConfigReference of this Job. @@ -93,9 +93,9 @@ func (mg *Secret) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } -// GetManagementPolicy of this Secret. -func (mg *Secret) GetManagementPolicy() xpv1.ManagementPolicy { - return mg.Spec.ManagementPolicy +// GetManagementPolicies of this Secret. +func (mg *Secret) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies } // GetProviderConfigReference of this Secret. @@ -131,9 +131,9 @@ func (mg *Secret) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } -// SetManagementPolicy of this Secret. -func (mg *Secret) SetManagementPolicy(r xpv1.ManagementPolicy) { - mg.Spec.ManagementPolicy = r +// SetManagementPolicies of this Secret. +func (mg *Secret) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r } // SetProviderConfigReference of this Secret. diff --git a/apis/synchronization/v1beta1/zz_generated_terraformed.go b/apis/synchronization/v1beta1/zz_generated_terraformed.go index 99638faf..2b285449 100755 --- a/apis/synchronization/v1beta1/zz_generated_terraformed.go +++ b/apis/synchronization/v1beta1/zz_generated_terraformed.go @@ -69,6 +69,16 @@ func (tr *Job) SetParameters(params map[string]any) error { return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) } +// GetInitParameters of this Job +func (tr *Job) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + // LateInitialize this Job using its observed tfState. // returns True if there are any spec changes for the resource. func (tr *Job) LateInitialize(attrs []byte) (bool, error) { @@ -143,6 +153,16 @@ func (tr *Secret) SetParameters(params map[string]any) error { return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) } +// GetInitParameters of this Secret +func (tr *Secret) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + // LateInitialize this Secret using its observed tfState. // returns True if there are any spec changes for the resource. func (tr *Secret) LateInitialize(attrs []byte) (bool, error) { diff --git a/apis/synchronization/v1beta1/zz_job_types.go b/apis/synchronization/v1beta1/zz_job_types.go index 78809e90..248f3eee 100755 --- a/apis/synchronization/v1beta1/zz_job_types.go +++ b/apis/synchronization/v1beta1/zz_job_types.go @@ -13,6 +13,17 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type JobInitParameters struct { + + // Whether or not the provisioning job is enabled. Default state is true. + // Whether or not the synchronization job is enabled + Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + + // Identifier of the synchronization template this job is based on. + // Identifier of the synchronization template this job is based on. + TemplateID *string `json:"templateId,omitempty" tf:"template_id,omitempty"` +} + type JobObservation struct { // Whether or not the provisioning job is enabled. Default state is true. @@ -61,6 +72,9 @@ type JobParameters struct { TemplateID *string `json:"templateId,omitempty" tf:"template_id,omitempty"` } +type ScheduleInitParameters struct { +} + type ScheduleObservation struct { // Date and time when this job will expire, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z). @@ -80,6 +94,18 @@ type ScheduleParameters struct { type JobSpec struct { v1.ResourceSpec `json:",inline"` ForProvider JobParameters `json:"forProvider"` + // THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored + // unless the relevant Crossplane feature flag is enabled, and may be + // changed or removed without notice. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider JobInitParameters `json:"initProvider,omitempty"` } // JobStatus defines the observed state of Job. @@ -100,7 +126,7 @@ type JobStatus struct { type Job struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - // +kubebuilder:validation:XValidation:rule="self.managementPolicy == 'ObserveOnly' || has(self.forProvider.templateId)",message="templateId is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.templateId) || has(self.initProvider.templateId)",message="templateId is a required parameter" Spec JobSpec `json:"spec"` Status JobStatus `json:"status,omitempty"` } diff --git a/apis/synchronization/v1beta1/zz_secret_types.go b/apis/synchronization/v1beta1/zz_secret_types.go index 127fecc2..a455131d 100755 --- a/apis/synchronization/v1beta1/zz_secret_types.go +++ b/apis/synchronization/v1beta1/zz_secret_types.go @@ -13,6 +13,13 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type CredentialInitParameters struct { + + // The key of the secret. + // Name for this key-value pair. + Key *string `json:"key,omitempty" tf:"key,omitempty"` +} + type CredentialObservation struct { // The key of the secret. @@ -24,8 +31,8 @@ type CredentialParameters struct { // The key of the secret. // Name for this key-value pair. - // +kubebuilder:validation:Required - Key *string `json:"key" tf:"key,omitempty"` + // +kubebuilder:validation:Optional + Key *string `json:"key,omitempty" tf:"key,omitempty"` // The value of the secret. // Value for this key-value pair. @@ -33,6 +40,12 @@ type CredentialParameters struct { ValueSecretRef v1.SecretKeySelector `json:"valueSecretRef" tf:"-"` } +type SecretInitParameters struct { + + // One or more credential blocks as documented below. + Credential []CredentialInitParameters `json:"credential,omitempty" tf:"credential,omitempty"` +} + type SecretObservation struct { // One or more credential blocks as documented below. @@ -71,6 +84,18 @@ type SecretParameters struct { type SecretSpec struct { v1.ResourceSpec `json:",inline"` ForProvider SecretParameters `json:"forProvider"` + // THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored + // unless the relevant Crossplane feature flag is enabled, and may be + // changed or removed without notice. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider SecretInitParameters `json:"initProvider,omitempty"` } // SecretStatus defines the observed state of Secret. diff --git a/apis/users/v1beta1/zz_generated.deepcopy.go b/apis/users/v1beta1/zz_generated.deepcopy.go index 78050744..c78a3ecd 100644 --- a/apis/users/v1beta1/zz_generated.deepcopy.go +++ b/apis/users/v1beta1/zz_generated.deepcopy.go @@ -41,6 +41,203 @@ func (in *User) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *UserInitParameters) DeepCopyInto(out *UserInitParameters) { + *out = *in + if in.AccountEnabled != nil { + in, out := &in.AccountEnabled, &out.AccountEnabled + *out = new(bool) + **out = **in + } + if in.AgeGroup != nil { + in, out := &in.AgeGroup, &out.AgeGroup + *out = new(string) + **out = **in + } + if in.BusinessPhones != nil { + in, out := &in.BusinessPhones, &out.BusinessPhones + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.City != nil { + in, out := &in.City, &out.City + *out = new(string) + **out = **in + } + if in.CompanyName != nil { + in, out := &in.CompanyName, &out.CompanyName + *out = new(string) + **out = **in + } + if in.ConsentProvidedForMinor != nil { + in, out := &in.ConsentProvidedForMinor, &out.ConsentProvidedForMinor + *out = new(string) + **out = **in + } + if in.CostCenter != nil { + in, out := &in.CostCenter, &out.CostCenter + *out = new(string) + **out = **in + } + if in.Country != nil { + in, out := &in.Country, &out.Country + *out = new(string) + **out = **in + } + if in.Department != nil { + in, out := &in.Department, &out.Department + *out = new(string) + **out = **in + } + if in.DisablePasswordExpiration != nil { + in, out := &in.DisablePasswordExpiration, &out.DisablePasswordExpiration + *out = new(bool) + **out = **in + } + if in.DisableStrongPassword != nil { + in, out := &in.DisableStrongPassword, &out.DisableStrongPassword + *out = new(bool) + **out = **in + } + if in.DisplayName != nil { + in, out := &in.DisplayName, &out.DisplayName + *out = new(string) + **out = **in + } + if in.Division != nil { + in, out := &in.Division, &out.Division + *out = new(string) + **out = **in + } + if in.EmployeeID != nil { + in, out := &in.EmployeeID, &out.EmployeeID + *out = new(string) + **out = **in + } + if in.EmployeeType != nil { + in, out := &in.EmployeeType, &out.EmployeeType + *out = new(string) + **out = **in + } + if in.FaxNumber != nil { + in, out := &in.FaxNumber, &out.FaxNumber + *out = new(string) + **out = **in + } + if in.ForcePasswordChange != nil { + in, out := &in.ForcePasswordChange, &out.ForcePasswordChange + *out = new(bool) + **out = **in + } + if in.GivenName != nil { + in, out := &in.GivenName, &out.GivenName + *out = new(string) + **out = **in + } + if in.JobTitle != nil { + in, out := &in.JobTitle, &out.JobTitle + *out = new(string) + **out = **in + } + if in.Mail != nil { + in, out := &in.Mail, &out.Mail + *out = new(string) + **out = **in + } + if in.MailNickname != nil { + in, out := &in.MailNickname, &out.MailNickname + *out = new(string) + **out = **in + } + if in.ManagerID != nil { + in, out := &in.ManagerID, &out.ManagerID + *out = new(string) + **out = **in + } + if in.MobilePhone != nil { + in, out := &in.MobilePhone, &out.MobilePhone + *out = new(string) + **out = **in + } + if in.OfficeLocation != nil { + in, out := &in.OfficeLocation, &out.OfficeLocation + *out = new(string) + **out = **in + } + if in.OnpremisesImmutableID != nil { + in, out := &in.OnpremisesImmutableID, &out.OnpremisesImmutableID + *out = new(string) + **out = **in + } + if in.OtherMails != nil { + in, out := &in.OtherMails, &out.OtherMails + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } + if in.PostalCode != nil { + in, out := &in.PostalCode, &out.PostalCode + *out = new(string) + **out = **in + } + if in.PreferredLanguage != nil { + in, out := &in.PreferredLanguage, &out.PreferredLanguage + *out = new(string) + **out = **in + } + if in.ShowInAddressList != nil { + in, out := &in.ShowInAddressList, &out.ShowInAddressList + *out = new(bool) + **out = **in + } + if in.State != nil { + in, out := &in.State, &out.State + *out = new(string) + **out = **in + } + if in.StreetAddress != nil { + in, out := &in.StreetAddress, &out.StreetAddress + *out = new(string) + **out = **in + } + if in.Surname != nil { + in, out := &in.Surname, &out.Surname + *out = new(string) + **out = **in + } + if in.UsageLocation != nil { + in, out := &in.UsageLocation, &out.UsageLocation + *out = new(string) + **out = **in + } + if in.UserPrincipalName != nil { + in, out := &in.UserPrincipalName, &out.UserPrincipalName + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UserInitParameters. +func (in *UserInitParameters) DeepCopy() *UserInitParameters { + if in == nil { + return nil + } + out := new(UserInitParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *UserList) DeepCopyInto(out *UserList) { *out = *in @@ -559,6 +756,7 @@ func (in *UserSpec) DeepCopyInto(out *UserSpec) { *out = *in in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) in.ForProvider.DeepCopyInto(&out.ForProvider) + in.InitProvider.DeepCopyInto(&out.InitProvider) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UserSpec. diff --git a/apis/users/v1beta1/zz_generated.managed.go b/apis/users/v1beta1/zz_generated.managed.go index 4d73c1a3..f1b2a030 100644 --- a/apis/users/v1beta1/zz_generated.managed.go +++ b/apis/users/v1beta1/zz_generated.managed.go @@ -17,9 +17,9 @@ func (mg *User) GetDeletionPolicy() xpv1.DeletionPolicy { return mg.Spec.DeletionPolicy } -// GetManagementPolicy of this User. -func (mg *User) GetManagementPolicy() xpv1.ManagementPolicy { - return mg.Spec.ManagementPolicy +// GetManagementPolicies of this User. +func (mg *User) GetManagementPolicies() xpv1.ManagementPolicies { + return mg.Spec.ManagementPolicies } // GetProviderConfigReference of this User. @@ -55,9 +55,9 @@ func (mg *User) SetDeletionPolicy(r xpv1.DeletionPolicy) { mg.Spec.DeletionPolicy = r } -// SetManagementPolicy of this User. -func (mg *User) SetManagementPolicy(r xpv1.ManagementPolicy) { - mg.Spec.ManagementPolicy = r +// SetManagementPolicies of this User. +func (mg *User) SetManagementPolicies(r xpv1.ManagementPolicies) { + mg.Spec.ManagementPolicies = r } // SetProviderConfigReference of this User. diff --git a/apis/users/v1beta1/zz_generated_terraformed.go b/apis/users/v1beta1/zz_generated_terraformed.go index dd46a796..b3d22366 100755 --- a/apis/users/v1beta1/zz_generated_terraformed.go +++ b/apis/users/v1beta1/zz_generated_terraformed.go @@ -69,6 +69,16 @@ func (tr *User) SetParameters(params map[string]any) error { return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) } +// GetInitParameters of this User +func (tr *User) GetInitParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.InitProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + // LateInitialize this User using its observed tfState. // returns True if there are any spec changes for the resource. func (tr *User) LateInitialize(attrs []byte) (bool, error) { diff --git a/apis/users/v1beta1/zz_user_types.go b/apis/users/v1beta1/zz_user_types.go index e02a5175..97f11cb0 100755 --- a/apis/users/v1beta1/zz_user_types.go +++ b/apis/users/v1beta1/zz_user_types.go @@ -13,6 +13,145 @@ import ( v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" ) +type UserInitParameters struct { + + // Whether or not the account should be enabled. + // Whether or not the account should be enabled + AccountEnabled *bool `json:"accountEnabled,omitempty" tf:"account_enabled,omitempty"` + + // The age group of the user. Supported values are Adult, NotAdult and Minor. Omit this property or specify a blank string to unset. + // The age group of the user + AgeGroup *string `json:"ageGroup,omitempty" tf:"age_group,omitempty"` + + // A list of telephone numbers for the user. Only one number can be set for this property. Read-only for users synced with Azure AD Connect. + // The telephone numbers for the user. Only one number can be set for this property. Read-only for users synced with Azure AD Connect + BusinessPhones []*string `json:"businessPhones,omitempty" tf:"business_phones,omitempty"` + + // The city in which the user is located. + // The city in which the user is located + City *string `json:"city,omitempty" tf:"city,omitempty"` + + // The company name which the user is associated. This property can be useful for describing the company that an external user comes from. + // The company name which the user is associated. This property can be useful for describing the company that an external user comes from + CompanyName *string `json:"companyName,omitempty" tf:"company_name,omitempty"` + + // Whether consent has been obtained for minors. Supported values are Granted, Denied and NotRequired. Omit this property or specify a blank string to unset. + // Whether consent has been obtained for minors + ConsentProvidedForMinor *string `json:"consentProvidedForMinor,omitempty" tf:"consent_provided_for_minor,omitempty"` + + // The cost center associated with the user. + // The cost center associated with the user. + CostCenter *string `json:"costCenter,omitempty" tf:"cost_center,omitempty"` + + // The country/region in which the user is located, e.g. US or UK. + // The country/region in which the user is located, e.g. `US` or `UK` + Country *string `json:"country,omitempty" tf:"country,omitempty"` + + // The name for the department in which the user works. + // The name for the department in which the user works + Department *string `json:"department,omitempty" tf:"department,omitempty"` + + // Whether the user's password is exempt from expiring. Defaults to false. + // Whether the users password is exempt from expiring + DisablePasswordExpiration *bool `json:"disablePasswordExpiration,omitempty" tf:"disable_password_expiration,omitempty"` + + // Whether the user is allowed weaker passwords than the default policy to be specified. Defaults to false. + // Whether the user is allowed weaker passwords than the default policy to be specified. + DisableStrongPassword *bool `json:"disableStrongPassword,omitempty" tf:"disable_strong_password,omitempty"` + + // The name to display in the address book for the user. + // The name to display in the address book for the user + DisplayName *string `json:"displayName,omitempty" tf:"display_name,omitempty"` + + // The name of the division in which the user works. + // The name of the division in which the user works. + Division *string `json:"division,omitempty" tf:"division,omitempty"` + + // The employee identifier assigned to the user by the organisation. + // The employee identifier assigned to the user by the organisation + EmployeeID *string `json:"employeeId,omitempty" tf:"employee_id,omitempty"` + + // Captures enterprise worker type. For example, Employee, Contractor, Consultant, or Vendor. + // Captures enterprise worker type. For example, Employee, Contractor, Consultant, or Vendor. + EmployeeType *string `json:"employeeType,omitempty" tf:"employee_type,omitempty"` + + // The fax number of the user. + // The fax number of the user + FaxNumber *string `json:"faxNumber,omitempty" tf:"fax_number,omitempty"` + + // Whether the user is forced to change the password during the next sign-in. Only takes effect when also changing the password. Defaults to false. + // Whether the user is forced to change the password during the next sign-in. Only takes effect when also changing the password + ForcePasswordChange *bool `json:"forcePasswordChange,omitempty" tf:"force_password_change,omitempty"` + + // The given name (first name) of the user. + // The given name (first name) of the user + GivenName *string `json:"givenName,omitempty" tf:"given_name,omitempty"` + + // The user’s job title. + // The user’s job title + JobTitle *string `json:"jobTitle,omitempty" tf:"job_title,omitempty"` + + // The SMTP address for the user. This property cannot be unset once specified. + // The SMTP address for the user. Cannot be unset. + Mail *string `json:"mail,omitempty" tf:"mail,omitempty"` + + // The mail alias for the user. Defaults to the user name part of the user principal name (UPN). + // The mail alias for the user. Defaults to the user name part of the user principal name (UPN) + MailNickname *string `json:"mailNickname,omitempty" tf:"mail_nickname,omitempty"` + + // The object ID of the user's manager. + // The object ID of the user's manager + ManagerID *string `json:"managerId,omitempty" tf:"manager_id,omitempty"` + + // The primary cellular telephone number for the user. + // The primary cellular telephone number for the user + MobilePhone *string `json:"mobilePhone,omitempty" tf:"mobile_phone,omitempty"` + + // The office location in the user's place of business. + // The office location in the user's place of business + OfficeLocation *string `json:"officeLocation,omitempty" tf:"office_location,omitempty"` + + // The value used to associate an on-premise Active Directory user account with their Azure AD user object. This must be specified if you are using a federated domain for the user's user_principal_name property when creating a new user account. + // The value used to associate an on-premise Active Directory user account with their Azure AD user object. This must be specified if you are using a federated domain for the user's `user_principal_name` property when creating a new user account + OnpremisesImmutableID *string `json:"onpremisesImmutableId,omitempty" tf:"onpremises_immutable_id,omitempty"` + + // A list of additional email addresses for the user. + // Additional email addresses for the user + OtherMails []*string `json:"otherMails,omitempty" tf:"other_mails,omitempty"` + + // The postal code for the user's postal address. The postal code is specific to the user's country/region. In the United States of America, this attribute contains the ZIP code. + // The postal code for the user's postal address. The postal code is specific to the user's country/region. In the United States of America, this attribute contains the ZIP code + PostalCode *string `json:"postalCode,omitempty" tf:"postal_code,omitempty"` + + // The user's preferred language, in ISO 639-1 notation. + // The user's preferred language, in ISO 639-1 notation + PreferredLanguage *string `json:"preferredLanguage,omitempty" tf:"preferred_language,omitempty"` + + // Whether or not the Outlook global address list should include this user. Defaults to true. + // Whether or not the Outlook global address list should include this user + ShowInAddressList *bool `json:"showInAddressList,omitempty" tf:"show_in_address_list,omitempty"` + + // The state or province in the user's address. + // The state or province in the user's address + State *string `json:"state,omitempty" tf:"state,omitempty"` + + // The street address of the user's place of business. + // The street address of the user's place of business + StreetAddress *string `json:"streetAddress,omitempty" tf:"street_address,omitempty"` + + // The user's surname (family name or last name). + // The user's surname (family name or last name) + Surname *string `json:"surname,omitempty" tf:"surname,omitempty"` + + // The usage location of the user. Required for users that will be assigned licenses due to legal requirement to check for availability of services in countries. The usage location is a two letter country code (ISO standard 3166). Examples include: NO, JP, and GB. Cannot be reset to null once set. + // The usage location of the user. Required for users that will be assigned licenses due to legal requirement to check for availability of services in countries. The usage location is a two letter country code (ISO standard 3166). Examples include: `NO`, `JP`, and `GB`. Cannot be reset to null once set + UsageLocation *string `json:"usageLocation,omitempty" tf:"usage_location,omitempty"` + + // The user principal name (UPN) of the user. + // The user principal name (UPN) of the user + UserPrincipalName *string `json:"userPrincipalName,omitempty" tf:"user_principal_name,omitempty"` +} + type UserObservation struct { // A freeform field for the user to describe themselves @@ -387,6 +526,18 @@ type UserParameters struct { type UserSpec struct { v1.ResourceSpec `json:",inline"` ForProvider UserParameters `json:"forProvider"` + // THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored + // unless the relevant Crossplane feature flag is enabled, and may be + // changed or removed without notice. + // InitProvider holds the same fields as ForProvider, with the exception + // of Identifier and other resource reference fields. The fields that are + // in InitProvider are merged into ForProvider when the resource is created. + // The same fields are also added to the terraform ignore_changes hook, to + // avoid updating them after creation. This is useful for fields that are + // required on creation, but we do not desire to update them after creation, + // for example because of an external controller is managing them, like an + // autoscaler. + InitProvider UserInitParameters `json:"initProvider,omitempty"` } // UserStatus defines the observed state of User. @@ -407,8 +558,8 @@ type UserStatus struct { type User struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - // +kubebuilder:validation:XValidation:rule="self.managementPolicy == 'ObserveOnly' || has(self.forProvider.displayName)",message="displayName is a required parameter" - // +kubebuilder:validation:XValidation:rule="self.managementPolicy == 'ObserveOnly' || has(self.forProvider.userPrincipalName)",message="userPrincipalName is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.displayName) || has(self.initProvider.displayName)",message="displayName is a required parameter" + // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.userPrincipalName) || has(self.initProvider.userPrincipalName)",message="userPrincipalName is a required parameter" Spec UserSpec `json:"spec"` Status UserStatus `json:"status,omitempty"` } diff --git a/cmd/provider/main.go b/cmd/provider/main.go index 6b46a7dd..a0f9c3a3 100644 --- a/cmd/provider/main.go +++ b/cmd/provider/main.go @@ -16,6 +16,7 @@ package main import ( "context" + "github.com/upbound/upjet/pkg/controller/handler" "os" "path/filepath" "time" @@ -92,6 +93,7 @@ func main() { kingpin.FatalIfError(err, "Cannot create controller manager") kingpin.FatalIfError(apis.AddToScheme(mgr.GetScheme()), "Cannot add Azuread APIs to scheme") + eventHandler := handler.NewEventHandler() // if the native Terraform provider plugin's path is not configured via // the env. variable TERRAFORM_NATIVE_PROVIDER_PATH or // the `--terraform-native-provider-path` command-line option, @@ -100,7 +102,8 @@ func main() { // This removes some complexity for setting up development environments. var scheduler terraform.ProviderScheduler = terraform.NewNoOpProviderScheduler() if len(*nativeProviderPath) != 0 { - scheduler = terraform.NewSharedProviderScheduler(log, *pluginProcessTTL, terraform.WithNativeProviderPath(*nativeProviderPath), terraform.WithNativeProviderName("registry.terraform.io/"+*nativeProviderSource)) + scheduler = terraform.NewSharedProviderScheduler(log, *pluginProcessTTL, + terraform.WithSharedProviderOptions(terraform.WithNativeProviderPath(*nativeProviderPath), terraform.WithNativeProviderName("registry.terraform.io/"+*nativeProviderSource))) } o := tjcontroller.Options{ @@ -114,10 +117,16 @@ func main() { Provider: config.GetProvider(), // use the following WorkspaceStoreOption to enable the shared gRPC mode // terraform.WithProviderRunner(terraform.NewSharedProvider(log, os.Getenv("TERRAFORM_NATIVE_PROVIDER_PATH"), terraform.WithNativeProviderArgs("-debuggable"))) - WorkspaceStore: terraform.NewWorkspaceStore(log, terraform.WithProcessReportInterval(*pollInterval)), - SetupFn: clients.TerraformSetupBuilder(*terraformVersion, *nativeProviderSource, *providerVersion, scheduler), + SetupFn: clients.TerraformSetupBuilder(*terraformVersion, *nativeProviderSource, *providerVersion, scheduler), + EventHandler: eventHandler, } + if *enableManagementPolicies { + o.Features.Enable(features.EnableAlphaManagementPolicies) + log.Info("Alpha feature enabled", "flag", features.EnableAlphaManagementPolicies) + } + o.WorkspaceStore = terraform.NewWorkspaceStore(log, terraform.WithDisableInit(len(*nativeProviderPath) != 0), terraform.WithProcessReportInterval(*pollInterval), terraform.WithFeatures(o.Features)) + if *enableExternalSecretStores { o.SecretStoreConfigGVK = &v1alpha1.StoreConfigGroupVersionKind log.Info("Alpha feature enabled", "flag", features.EnableAlphaExternalSecretStores) diff --git a/examples-generated/administrativeunits/member.yaml b/examples-generated/administrativeunits/member.yaml index 0ac4b588..83c344fa 100644 --- a/examples-generated/administrativeunits/member.yaml +++ b/examples-generated/administrativeunits/member.yaml @@ -26,6 +26,3 @@ metadata: spec: forProvider: displayName: Example-AU - ---- - diff --git a/examples-generated/administrativeunits/unit.yaml b/examples-generated/administrativeunits/unit.yaml index 7db9d028..880816c8 100644 --- a/examples-generated/administrativeunits/unit.yaml +++ b/examples-generated/administrativeunits/unit.yaml @@ -11,6 +11,3 @@ spec: description: Just an example displayName: Example-AU visibility: Public - ---- - diff --git a/examples-generated/app/roleassignment.yaml b/examples-generated/app/roleassignment.yaml index cc721914..81413caa 100644 --- a/examples-generated/app/roleassignment.yaml +++ b/examples-generated/app/roleassignment.yaml @@ -69,6 +69,3 @@ spec: matchLabels: testing.upbound.io/example-name: azuread_application_published_app_ids useExisting: true - ---- - diff --git a/examples-generated/applications/application.yaml b/examples-generated/applications/application.yaml index 4be3307c..b179d0fa 100644 --- a/examples-generated/applications/application.yaml +++ b/examples-generated/applications/application.yaml @@ -87,6 +87,3 @@ spec: logoutUrl: https://app.example.net/logout redirectUris: - https://app.example.net/account - ---- - diff --git a/examples-generated/applications/certificate.yaml b/examples-generated/applications/certificate.yaml index 93d603e5..27d6b556 100644 --- a/examples-generated/applications/certificate.yaml +++ b/examples-generated/applications/certificate.yaml @@ -31,6 +31,3 @@ metadata: spec: forProvider: displayName: example - ---- - diff --git a/examples-generated/applications/federatedidentitycredential.yaml b/examples-generated/applications/federatedidentitycredential.yaml index 7890eadb..2b0b02d9 100644 --- a/examples-generated/applications/federatedidentitycredential.yaml +++ b/examples-generated/applications/federatedidentitycredential.yaml @@ -31,6 +31,3 @@ metadata: spec: forProvider: displayName: example - ---- - diff --git a/examples-generated/applications/password.yaml b/examples-generated/applications/password.yaml index d7482c20..8ef4f871 100644 --- a/examples-generated/applications/password.yaml +++ b/examples-generated/applications/password.yaml @@ -25,6 +25,3 @@ metadata: spec: forProvider: displayName: example - ---- - diff --git a/examples-generated/applications/preauthorized.yaml b/examples-generated/applications/preauthorized.yaml index 49538c2e..96db7593 100644 --- a/examples-generated/applications/preauthorized.yaml +++ b/examples-generated/applications/preauthorized.yaml @@ -61,6 +61,3 @@ spec: userConsentDisplayName: Access value: user_impersonation displayName: example-authorizing-app - ---- - diff --git a/examples-generated/conditionalaccess/accesspolicy.yaml b/examples-generated/conditionalaccess/accesspolicy.yaml index d0bd6b19..53983448 100644 --- a/examples-generated/conditionalaccess/accesspolicy.yaml +++ b/examples-generated/conditionalaccess/accesspolicy.yaml @@ -49,6 +49,3 @@ spec: signInFrequency: 10 signInFrequencyPeriod: hours state: disabled - ---- - diff --git a/examples-generated/conditionalaccess/location.yaml b/examples-generated/conditionalaccess/location.yaml index 79e74ec6..de710b8f 100644 --- a/examples-generated/conditionalaccess/location.yaml +++ b/examples-generated/conditionalaccess/location.yaml @@ -14,6 +14,3 @@ spec: - 1.1.1.1/32 - 2.2.2.2/32 trusted: true - ---- - diff --git a/examples-generated/directoryroles/customdirectoryrole.yaml b/examples-generated/directoryroles/customdirectoryrole.yaml index 8ccefa11..594a0aa9 100644 --- a/examples-generated/directoryroles/customdirectoryrole.yaml +++ b/examples-generated/directoryroles/customdirectoryrole.yaml @@ -23,6 +23,3 @@ spec: - microsoft.directory/groups/create - microsoft.directory/groups/delete version: "1.0" - ---- - diff --git a/examples-generated/directoryroles/role.yaml b/examples-generated/directoryroles/role.yaml index f8f972f7..33af6856 100644 --- a/examples-generated/directoryroles/role.yaml +++ b/examples-generated/directoryroles/role.yaml @@ -8,6 +8,3 @@ metadata: name: example spec: forProvider: {} - ---- - diff --git a/examples-generated/directoryroles/roleassignment.yaml b/examples-generated/directoryroles/roleassignment.yaml index 6cf296fb..758d0eb4 100644 --- a/examples-generated/directoryroles/roleassignment.yaml +++ b/examples-generated/directoryroles/roleassignment.yaml @@ -28,6 +28,3 @@ metadata: spec: forProvider: displayName: Security administrator - ---- - diff --git a/examples-generated/groups/group.yaml b/examples-generated/groups/group.yaml index 1f3b7073..77704071 100644 --- a/examples-generated/groups/group.yaml +++ b/examples-generated/groups/group.yaml @@ -12,6 +12,3 @@ spec: owners: - ${data.azuread_client_config.current.object_id} securityEnabled: true - ---- - diff --git a/examples-generated/groups/member.yaml b/examples-generated/groups/member.yaml index 8773207f..e8655eec 100644 --- a/examples-generated/groups/member.yaml +++ b/examples-generated/groups/member.yaml @@ -29,6 +29,3 @@ spec: forProvider: displayName: my_group securityEnabled: true - ---- - diff --git a/examples-generated/invitations/invitation.yaml b/examples-generated/invitations/invitation.yaml index 58bed705..666f63b5 100644 --- a/examples-generated/invitations/invitation.yaml +++ b/examples-generated/invitations/invitation.yaml @@ -10,6 +10,3 @@ spec: forProvider: redirectUrl: https://portal.azure.com userEmailAddress: jdoe@hashicorp.com - ---- - diff --git a/examples-generated/policies/claimsmappingpolicy.yaml b/examples-generated/policies/claimsmappingpolicy.yaml index 9e677def..7e01fc7a 100644 --- a/examples-generated/policies/claimsmappingpolicy.yaml +++ b/examples-generated/policies/claimsmappingpolicy.yaml @@ -33,6 +33,3 @@ spec: } )} displayName: My Policy - ---- - diff --git a/examples-generated/serviceprincipaldelegated/permissiongrant.yaml b/examples-generated/serviceprincipaldelegated/permissiongrant.yaml index f0a1472d..d7eeaa07 100644 --- a/examples-generated/serviceprincipaldelegated/permissiongrant.yaml +++ b/examples-generated/serviceprincipaldelegated/permissiongrant.yaml @@ -71,6 +71,3 @@ spec: matchLabels: testing.upbound.io/example-name: azuread_application_published_app_ids useExisting: true - ---- - diff --git a/examples-generated/serviceprincipals/certificate.yaml b/examples-generated/serviceprincipals/certificate.yaml index 90497476..982a37a4 100644 --- a/examples-generated/serviceprincipals/certificate.yaml +++ b/examples-generated/serviceprincipals/certificate.yaml @@ -47,6 +47,3 @@ spec: applicationIdSelector: matchLabels: testing.upbound.io/example-name: example - ---- - diff --git a/examples-generated/serviceprincipals/claimsmappingpolicyassignment.yaml b/examples-generated/serviceprincipals/claimsmappingpolicyassignment.yaml index a895167d..b820b8cd 100644 --- a/examples-generated/serviceprincipals/claimsmappingpolicyassignment.yaml +++ b/examples-generated/serviceprincipals/claimsmappingpolicyassignment.yaml @@ -14,6 +14,3 @@ spec: servicePrincipalIdSelector: matchLabels: testing.upbound.io/example-name: my_principal - ---- - diff --git a/examples-generated/serviceprincipals/password.yaml b/examples-generated/serviceprincipals/password.yaml index 7d0843f4..2a28ce4d 100644 --- a/examples-generated/serviceprincipals/password.yaml +++ b/examples-generated/serviceprincipals/password.yaml @@ -41,6 +41,3 @@ spec: applicationIdSelector: matchLabels: testing.upbound.io/example-name: example - ---- - diff --git a/examples-generated/serviceprincipals/principal.yaml b/examples-generated/serviceprincipals/principal.yaml index 89f8249c..218d97ee 100644 --- a/examples-generated/serviceprincipals/principal.yaml +++ b/examples-generated/serviceprincipals/principal.yaml @@ -30,6 +30,3 @@ spec: displayName: example owners: - ${data.azuread_client_config.current.object_id} - ---- - diff --git a/examples-generated/serviceprincipals/tokensigningcertificate.yaml b/examples-generated/serviceprincipals/tokensigningcertificate.yaml index 3bb17f2a..c25938b0 100644 --- a/examples-generated/serviceprincipals/tokensigningcertificate.yaml +++ b/examples-generated/serviceprincipals/tokensigningcertificate.yaml @@ -41,6 +41,3 @@ spec: applicationIdSelector: matchLabels: testing.upbound.io/example-name: example - ---- - diff --git a/examples-generated/synchronization/job.yaml b/examples-generated/synchronization/job.yaml index 9c518cd1..d2b566c6 100644 --- a/examples-generated/synchronization/job.yaml +++ b/examples-generated/synchronization/job.yaml @@ -75,6 +75,3 @@ spec: servicePrincipalIdSelector: matchLabels: testing.upbound.io/example-name: example - ---- - diff --git a/examples-generated/synchronization/secret.yaml b/examples-generated/synchronization/secret.yaml index d2927332..44303ead 100644 --- a/examples-generated/synchronization/secret.yaml +++ b/examples-generated/synchronization/secret.yaml @@ -57,6 +57,3 @@ spec: matchLabels: testing.upbound.io/example-name: example useExisting: true - ---- - diff --git a/examples-generated/users/user.yaml b/examples-generated/users/user.yaml index 5b555c81..4475506a 100644 --- a/examples-generated/users/user.yaml +++ b/examples-generated/users/user.yaml @@ -15,6 +15,3 @@ spec: name: example-secret namespace: upbound-system userPrincipalName: jdoe@hashicorp.com - ---- - diff --git a/go.mod b/go.mod index cf32335c..5e97eeb2 100644 --- a/go.mod +++ b/go.mod @@ -3,47 +3,46 @@ module github.com/upbound/provider-azuread go 1.19 require ( - github.com/crossplane/crossplane-runtime v0.20.0-rc.0.0.20230406155702-4e1673b7141f - github.com/crossplane/crossplane-tools v0.0.0-20230327091744-4236bf732aa5 + github.com/crossplane/crossplane-runtime v0.20.0 + github.com/crossplane/crossplane-tools v0.0.0-20230714144037-2684f4bc7638 github.com/pkg/errors v0.9.1 - github.com/upbound/upjet v0.9.0-rc.0.0.20230502154751-645d7260d814 + github.com/upbound/upjet v0.9.0-rc.0.0.20230731131908-7fb82a477111 gopkg.in/alecthomas/kingpin.v2 v2.2.6 - k8s.io/apimachinery v0.26.3 - k8s.io/client-go v0.26.3 - sigs.k8s.io/controller-runtime v0.14.6 - sigs.k8s.io/controller-tools v0.11.3 + k8s.io/apimachinery v0.27.3 + k8s.io/client-go v0.27.3 + sigs.k8s.io/controller-runtime v0.15.0 + sigs.k8s.io/controller-tools v0.12.1 ) require ( + dario.cat/mergo v1.0.0 // indirect github.com/agext/levenshtein v1.2.3 // indirect github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751 // indirect github.com/alecthomas/units v0.0.0-20211218093645-b94a6e3cc137 // indirect github.com/antchfx/htmlquery v1.2.4 // indirect github.com/antchfx/xpath v1.2.0 // indirect github.com/apparentlymart/go-textseg/v13 v13.0.0 // indirect - github.com/armon/go-metrics v0.3.9 // indirect - github.com/armon/go-radix v1.0.0 // indirect github.com/beorn7/perks v1.0.1 // indirect github.com/cenkalti/backoff/v3 v3.0.0 // indirect - github.com/cespare/xxhash/v2 v2.1.2 // indirect + github.com/cespare/xxhash/v2 v2.2.0 // indirect github.com/dave/jennifer v1.4.1 // indirect github.com/davecgh/go-spew v1.1.1 // indirect - github.com/emicklei/go-restful/v3 v3.9.0 // indirect + github.com/emicklei/go-restful/v3 v3.10.2 // indirect github.com/evanphx/json-patch/v5 v5.6.0 // indirect github.com/fatih/camelcase v1.0.0 // indirect - github.com/fatih/color v1.13.0 // indirect + github.com/fatih/color v1.15.0 // indirect github.com/fsnotify/fsnotify v1.6.0 // indirect - github.com/go-logr/logr v1.2.3 // indirect - github.com/go-logr/zapr v1.2.3 // indirect - github.com/go-openapi/jsonpointer v0.19.5 // indirect - github.com/go-openapi/jsonreference v0.20.0 // indirect - github.com/go-openapi/swag v0.21.1 // indirect - github.com/gobuffalo/flect v0.3.0 // indirect + github.com/go-jose/go-jose/v3 v3.0.0 // indirect + github.com/go-logr/logr v1.2.4 // indirect + github.com/go-logr/zapr v1.2.4 // indirect + github.com/go-openapi/jsonpointer v0.19.6 // indirect + github.com/go-openapi/jsonreference v0.20.2 // indirect + github.com/go-openapi/swag v0.22.3 // indirect + github.com/gobuffalo/flect v1.0.2 // indirect github.com/gogo/protobuf v1.3.2 // indirect github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect github.com/golang/mock v1.6.0 // indirect - github.com/golang/protobuf v1.5.2 // indirect - github.com/golang/snappy v0.0.4 // indirect + github.com/golang/protobuf v1.5.3 // indirect github.com/google/gnostic v0.6.9 // indirect github.com/google/go-cmp v0.5.9 // indirect github.com/google/gofuzz v1.2.0 // indirect @@ -52,18 +51,14 @@ require ( github.com/hashicorp/go-cleanhttp v0.5.2 // indirect github.com/hashicorp/go-cty v1.4.1-0.20200414143053-d3edf31b6320 // indirect github.com/hashicorp/go-hclog v1.2.1 // indirect - github.com/hashicorp/go-immutable-radix v1.3.1 // indirect github.com/hashicorp/go-multierror v1.1.1 // indirect - github.com/hashicorp/go-plugin v1.4.4 // indirect github.com/hashicorp/go-retryablehttp v0.7.1 // indirect github.com/hashicorp/go-rootcerts v1.0.2 // indirect - github.com/hashicorp/go-secure-stdlib/mlock v0.1.1 // indirect - github.com/hashicorp/go-secure-stdlib/parseutil v0.1.1 // indirect - github.com/hashicorp/go-secure-stdlib/strutil v0.1.1 // indirect + github.com/hashicorp/go-secure-stdlib/parseutil v0.1.6 // indirect + github.com/hashicorp/go-secure-stdlib/strutil v0.1.2 // indirect github.com/hashicorp/go-sockaddr v1.0.2 // indirect github.com/hashicorp/go-uuid v1.0.3 // indirect github.com/hashicorp/go-version v1.6.0 // indirect - github.com/hashicorp/golang-lru v0.5.4 // indirect github.com/hashicorp/hcl v1.0.0 // indirect github.com/hashicorp/hcl/v2 v2.14.1 // indirect github.com/hashicorp/logutils v1.0.0 // indirect @@ -71,17 +66,15 @@ require ( github.com/hashicorp/terraform-plugin-go v0.14.0 // indirect github.com/hashicorp/terraform-plugin-log v0.7.0 // indirect github.com/hashicorp/terraform-plugin-sdk/v2 v2.24.0 // indirect - github.com/hashicorp/vault/api v1.5.0 // indirect - github.com/hashicorp/vault/sdk v0.4.1 // indirect - github.com/hashicorp/yamux v0.0.0-20181012175058-2f1d1f20f75d // indirect + github.com/hashicorp/vault/api v1.9.2 // indirect github.com/iancoleman/strcase v0.2.0 // indirect - github.com/imdario/mergo v0.3.12 // indirect - github.com/inconshreveable/mousetrap v1.0.1 // indirect + github.com/imdario/mergo v0.3.16 // indirect + github.com/inconshreveable/mousetrap v1.1.0 // indirect github.com/josharian/intern v1.0.0 // indirect github.com/json-iterator/go v1.1.12 // indirect github.com/mailru/easyjson v0.7.7 // indirect - github.com/mattn/go-colorable v0.1.12 // indirect - github.com/mattn/go-isatty v0.0.16 // indirect + github.com/mattn/go-colorable v0.1.13 // indirect + github.com/mattn/go-isatty v0.0.17 // indirect github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect github.com/mitchellh/copystructure v1.2.0 // indirect github.com/mitchellh/go-homedir v1.1.0 // indirect @@ -94,15 +87,13 @@ require ( github.com/modern-go/reflect2 v1.0.2 // indirect github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect github.com/muvaf/typewriter v0.0.0-20220131201631-921e94e8e8d7 // indirect - github.com/oklog/run v1.0.0 // indirect - github.com/pierrec/lz4 v2.5.2+incompatible // indirect - github.com/prometheus/client_golang v1.14.0 // indirect - github.com/prometheus/client_model v0.3.0 // indirect - github.com/prometheus/common v0.37.0 // indirect - github.com/prometheus/procfs v0.8.0 // indirect + github.com/prometheus/client_golang v1.15.1 // indirect + github.com/prometheus/client_model v0.4.0 // indirect + github.com/prometheus/common v0.44.0 // indirect + github.com/prometheus/procfs v0.10.0 // indirect github.com/ryanuber/go-glob v1.0.0 // indirect - github.com/spf13/afero v1.9.2 // indirect - github.com/spf13/cobra v1.6.1 // indirect + github.com/spf13/afero v1.9.5 // indirect + github.com/spf13/cobra v1.7.0 // indirect github.com/spf13/pflag v1.0.5 // indirect github.com/tmccombs/hcl2json v0.3.3 // indirect github.com/vmihailenco/msgpack v4.0.4+incompatible // indirect @@ -110,34 +101,35 @@ require ( github.com/vmihailenco/tagparser v0.1.1 // indirect github.com/yuin/goldmark v1.5.3 // indirect github.com/zclconf/go-cty v1.11.0 // indirect - go.uber.org/atomic v1.10.0 // indirect - go.uber.org/multierr v1.8.0 // indirect + go.uber.org/atomic v1.11.0 // indirect + go.uber.org/multierr v1.11.0 // indirect go.uber.org/zap v1.24.0 // indirect - golang.org/x/crypto v0.2.0 // indirect - golang.org/x/mod v0.7.0 // indirect - golang.org/x/net v0.7.0 // indirect - golang.org/x/oauth2 v0.1.0 // indirect - golang.org/x/sys v0.5.0 // indirect - golang.org/x/term v0.5.0 // indirect - golang.org/x/text v0.7.0 // indirect + golang.org/x/crypto v0.11.0 // indirect + golang.org/x/mod v0.12.0 // indirect + golang.org/x/net v0.12.0 // indirect + golang.org/x/oauth2 v0.8.0 // indirect + golang.org/x/sys v0.10.0 // indirect + golang.org/x/term v0.10.0 // indirect + golang.org/x/text v0.11.0 // indirect golang.org/x/time v0.3.0 // indirect - golang.org/x/tools v0.4.0 // indirect - gomodules.xyz/jsonpatch/v2 v2.2.0 // indirect + golang.org/x/tools v0.11.0 // indirect + gomodules.xyz/jsonpatch/v2 v2.3.0 // indirect google.golang.org/appengine v1.6.7 // indirect - google.golang.org/genproto v0.0.0-20221202195650-67e5cbc046fd // indirect - google.golang.org/grpc v1.50.1 // indirect - google.golang.org/protobuf v1.28.2-0.20220831092852-f930b1dc76e8 // indirect + google.golang.org/genproto v0.0.0-20230410155749-daa745c078e1 // indirect + google.golang.org/grpc v1.56.2 // indirect + google.golang.org/protobuf v1.31.0 // indirect gopkg.in/inf.v0 v0.9.1 // indirect - gopkg.in/square/go-jose.v2 v2.5.1 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect - k8s.io/api v0.26.3 // indirect - k8s.io/apiextensions-apiserver v0.26.3 // indirect - k8s.io/component-base v0.26.3 // indirect - k8s.io/klog/v2 v2.80.1 // indirect - k8s.io/kube-openapi v0.0.0-20221012153701-172d655c2280 // indirect - k8s.io/utils v0.0.0-20221128185143-99ec85e7a448 // indirect - sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2 // indirect + k8s.io/api v0.27.3 // indirect + k8s.io/apiextensions-apiserver v0.27.3 // indirect + k8s.io/component-base v0.27.3 // indirect + k8s.io/klog/v2 v2.100.1 // indirect + k8s.io/kube-openapi v0.0.0-20230525220651-2546d827e515 // indirect + k8s.io/utils v0.0.0-20230505201702-9f6742963106 // indirect + sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect sigs.k8s.io/structured-merge-diff/v4 v4.2.3 // indirect sigs.k8s.io/yaml v1.3.0 // indirect ) + +replace github.com/upbound/upjet => ../upjet diff --git a/go.sum b/go.sum index b0b69953..ae685f6e 100644 --- a/go.sum +++ b/go.sum @@ -35,21 +35,18 @@ cloud.google.com/go/storage v1.6.0/go.mod h1:N7U0C8pVQ/+NIKOBQyamJIeKQKkZ+mxpohl cloud.google.com/go/storage v1.8.0/go.mod h1:Wv1Oy7z6Yz3DshWRJFhqM/UCfaWIRTdp0RXyy7KQOVs= cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9ullr3+Kg0= cloud.google.com/go/storage v1.14.0/go.mod h1:GrKmX003DSIwi9o29oFT7YDnHYwZoctc3fOKtUw0Xmo= +dario.cat/mergo v1.0.0 h1:AGCNq9Evsj31mOgNPcLyXc+4PNABt905YmuqPYYpBWk= +dario.cat/mergo v1.0.0/go.mod h1:uNxQE+84aUszobStD9th8a29P2fMDhsBdgRYvZOxGmk= dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= -github.com/DataDog/datadog-go v3.2.0+incompatible/go.mod h1:LButxg5PwREeZtORoXG3tL4fMGNddJ+vMq1mwgfaqoQ= github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU= github.com/agext/levenshtein v1.2.1/go.mod h1:JEDfjyjHDjOF/1e4FlBE/PkbqA9OfWu2ki2W0IB5558= github.com/agext/levenshtein v1.2.3 h1:YB2fHEn0UJagG8T1rrWknE3ZQzWM06O8AMAatNn7lmo= github.com/agext/levenshtein v1.2.3/go.mod h1:JEDfjyjHDjOF/1e4FlBE/PkbqA9OfWu2ki2W0IB5558= github.com/alecthomas/kong v0.2.16/go.mod h1:kQOmtJgV+Lb4aj+I2LEn40cbtawdWJ9Y8QLq+lElKxE= -github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751 h1:JYp7IbQjafoB+tBA3gMyHYHrpOtNuDiK/uB5uXxq5wM= github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= -github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= -github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= -github.com/alecthomas/units v0.0.0-20190924025748-f65c72e2690d/go.mod h1:rBZYJk541a8SKzHPHnH3zbiI+7dagKZ0cgpgrD7Fyho= github.com/alecthomas/units v0.0.0-20211218093645-b94a6e3cc137 h1:s6gZFSlWYmbqAuRjVTiNNhvNRfY2Wxp9nhfyel4rklc= github.com/alecthomas/units v0.0.0-20211218093645-b94a6e3cc137/go.mod h1:OMCwj8VM1Kc9e19TLln2VL61YJF0x1XFtfdL4JdbSyE= github.com/antchfx/htmlquery v1.2.4 h1:qLteofCMe/KGovBI6SQgmou2QNyedFUW+pE+BpeZ494= @@ -63,15 +60,9 @@ github.com/apparentlymart/go-textseg v1.0.0/go.mod h1:z96Txxhf3xSFMPmb5X/1W05FF/ github.com/apparentlymart/go-textseg/v12 v12.0.0/go.mod h1:S/4uRK2UtaQttw1GenVJEynmyUenKwP++x/+DdGV/Ec= github.com/apparentlymart/go-textseg/v13 v13.0.0 h1:Y+KvPE1NYz0xl601PVImeQfFyEy6iT90AvPUL1NNfNw= github.com/apparentlymart/go-textseg/v13 v13.0.0/go.mod h1:ZK2fH7c4NqDTLtiYLvIkEghdlcqw7yxLeM89kiTRPUo= -github.com/armon/go-metrics v0.3.9 h1:O2sNqxBdvq8Eq5xmzljcYzAORli6RWCvEym4cJf9m18= -github.com/armon/go-metrics v0.3.9/go.mod h1:4O98XIr/9W0sxpJ8UaYkvjk10Iff7SnFrb4QAOwNTFc= github.com/armon/go-radix v0.0.0-20180808171621-7fddfc383310/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8= -github.com/armon/go-radix v1.0.0 h1:F4z6KzEeeQIMeLFa97iZU6vupzoecKdU5TX24SNppXI= -github.com/armon/go-radix v1.0.0/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8= github.com/benbjohnson/clock v1.1.0 h1:Q92kusRqC1XV2MjkWETPvjJVqKetz1OzxZB7mHJLju8= github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA= -github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= -github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8= github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs= @@ -80,96 +71,72 @@ github.com/cenkalti/backoff/v3 v3.0.0 h1:ske+9nBpD9qZsTBoF41nW5L+AIuFBKMeze18XQ3 github.com/cenkalti/backoff/v3 v3.0.0/go.mod h1:cIeZDE3IrqwwJl6VUwCN6trj1oXrTS4rc0ij+ULvLYs= github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc= -github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= -github.com/cespare/xxhash/v2 v2.1.2 h1:YRXhKfTDauu4ajMg1TPgFO5jnlC2HCbmLXMcTG5cbYE= -github.com/cespare/xxhash/v2 v2.1.2/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= +github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44= +github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= -github.com/circonus-labs/circonus-gometrics v2.3.1+incompatible/go.mod h1:nmEj6Dob7S7YxXgwXpfOuvO54S+tGdZdw9fuRZt25Ag= -github.com/circonus-labs/circonusllhist v0.1.3/go.mod h1:kMXHVDlOchFAehlya5ePtbp5jckzBHf4XRpQvBOLI+I= github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= github.com/cncf/udpa/go v0.0.0-20200629203442-efcf912fb354/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= github.com/cncf/xds/go v0.0.0-20210312221358-fbca930ec8ed/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= -github.com/cncf/xds/go v0.0.0-20210805033703-aa0b78936158/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= -github.com/crossplane/crossplane-runtime v0.20.0-rc.0.0.20230406155702-4e1673b7141f h1:wDRr6gaoiQstEdddrn0B5SSSgzdXreOQAbdmRH+9JeI= -github.com/crossplane/crossplane-runtime v0.20.0-rc.0.0.20230406155702-4e1673b7141f/go.mod h1:ebtUpmconMy8RKUEhrCXTUFSOpfGQqbKM2E+rjCCYJo= -github.com/crossplane/crossplane-tools v0.0.0-20230327091744-4236bf732aa5 h1:K9H55wcwfXcGroZApIgPmIGRGuZLszsLDCYB12p2yMo= -github.com/crossplane/crossplane-tools v0.0.0-20230327091744-4236bf732aa5/go.mod h1:+e4OaFlOcmr0JvINHl/yvEYBrZawzTgj6pQumOH1SS0= +github.com/crossplane/crossplane-runtime v0.20.0 h1:MlPNrK6ELKLQdeHaIdKxQpZW2LSivSYXxHKVfU32auU= +github.com/crossplane/crossplane-runtime v0.20.0/go.mod h1:FuKIC8Mg8hE2gIAMyf2wCPkxkFPz+VnMQiYWBq1/p5A= +github.com/crossplane/crossplane-tools v0.0.0-20230714144037-2684f4bc7638 h1:NPbGG7jLyM+LbSMFQXilM70EOxbxk4z2CFvdSRtxc1s= +github.com/crossplane/crossplane-tools v0.0.0-20230714144037-2684f4bc7638/go.mod h1:+e4OaFlOcmr0JvINHl/yvEYBrZawzTgj6pQumOH1SS0= github.com/dave/jennifer v1.4.1 h1:XyqG6cn5RQsTj3qlWQTKlRGAyrTcsk1kUmWdZBzRjDw= github.com/dave/jennifer v1.4.1/go.mod h1:7jEdnm+qBcxl8PC0zyp7vxcpSRnzXSt9r39tpTVGlwA= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/docopt/docopt-go v0.0.0-20180111231733-ee0de3bc6815/go.mod h1:WwZ+bS3ebgob9U8Nd0kOddGdZWjyMGR8Wziv+TBNwSE= -github.com/emicklei/go-restful/v3 v3.9.0 h1:XwGDlfxEnQZzuopoqxwSEllNcCOM9DhhFyhFIIGKwxE= -github.com/emicklei/go-restful/v3 v3.9.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= +github.com/emicklei/go-restful/v3 v3.10.2 h1:hIovbnmBTLjHXkqEBUz3HGpXZdM7ZrE9fJIZIqlJLqE= +github.com/emicklei/go-restful/v3 v3.10.2/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98= github.com/envoyproxy/go-control-plane v0.9.7/go.mod h1:cwu0lG7PUMfa9snN8LXBig5ynNVH9qI8YYLbd1fK2po= github.com/envoyproxy/go-control-plane v0.9.9-0.20201210154907-fd9021fe5dad/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk= github.com/envoyproxy/go-control-plane v0.9.9-0.20210512163311-63b5d3c536b0/go.mod h1:hliV/p42l8fGbc6Y9bQ70uLwIvmJyVE5k4iMKlh8wCQ= -github.com/envoyproxy/go-control-plane v0.9.10-0.20210907150352-cf90f659a021/go.mod h1:AFq3mo9L8Lqqiid3OhADV3RfLJnjiw63cSpi+fDTRC0= github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= -github.com/evanphx/json-patch v0.5.2/go.mod h1:ZWS5hhDbVDyob71nXKNL0+PWn6ToqBHMikGIFbs31qQ= github.com/evanphx/json-patch v4.12.0+incompatible h1:4onqiflcdA9EOZ4RxV643DvftH5pOlLGNtQ5lPWQu84= -github.com/evanphx/json-patch/v5 v5.5.0/go.mod h1:G79N1coSVB93tBe7j6PhzjmR3/2VvlbKOFpnXhI9Bw4= github.com/evanphx/json-patch/v5 v5.6.0 h1:b91NhWfaz02IuVxO9faSllyAtNXHMPkC5J8sJCLunww= github.com/evanphx/json-patch/v5 v5.6.0/go.mod h1:G79N1coSVB93tBe7j6PhzjmR3/2VvlbKOFpnXhI9Bw4= github.com/fatih/camelcase v1.0.0 h1:hxNvNX/xYBp0ovncs8WyWZrOrpBNub/JfaMvbURyft8= github.com/fatih/camelcase v1.0.0/go.mod h1:yN2Sb0lFhZJUdVvtELVWefmrXpuZESvPmqwoZc+/fpc= github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4= -github.com/fatih/color v1.13.0 h1:8LOYc1KYPPmyKMuN8QV2DNRWNbLo6LZ0iLs8+mlH53w= github.com/fatih/color v1.13.0/go.mod h1:kLAiJbzzSOZDVNGyDpeOxJ47H46qBXwg5ILebYFFOfk= -github.com/fatih/structs v1.1.0 h1:Q7juDM0QtcnhCpeyLGQKyg4TOIghuNXrkL32pHAUMxo= -github.com/fatih/structs v1.1.0/go.mod h1:9NiDSp5zOcgEDl+j00MP/WkGVPOlPRLejGD8Ga6PJ7M= +github.com/fatih/color v1.15.0 h1:kOqh6YHBtK8aywxGerMG2Eq3H6Qgoqeo13Bk2Mv/nBs= +github.com/fatih/color v1.15.0/go.mod h1:0h5ZqXfHYED7Bhv2ZJamyIOUej9KtShiJESRwBDUSsw= github.com/flowstack/go-jsonschema v0.1.1/go.mod h1:yL7fNggx1o8rm9RlgXv7hTBWxdBM0rVwpMwimd3F3N0= -github.com/frankban/quicktest v1.10.0/go.mod h1:ui7WezCLWMWxVWr1GETZY3smRy0G4KWq9vcPtJmFl7Y= -github.com/frankban/quicktest v1.13.0 h1:yNZif1OkDfNoDfb9zZa9aXIpejNR4F23Wely0c+Qdqk= -github.com/frankban/quicktest v1.13.0/go.mod h1:qLE0fzW0VuyUAJgPU19zByoIr0HtCHN/r/VLSOOIySU= github.com/fsnotify/fsnotify v1.6.0 h1:n+5WquG0fcWoWp6xPWfHdbskMCQaFnG6PfBrh1Ky4HY= github.com/fsnotify/fsnotify v1.6.0/go.mod h1:sl3t1tCWJFWoRz9R8WJCbQihKKwmorjAbSClcnxKAGw= github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= -github.com/go-asn1-ber/asn1-ber v1.3.1/go.mod h1:hEBeB/ic+5LoWskz+yKT7vGhhPYkProFKoKdwZRWMe0= github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= -github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= -github.com/go-kit/kit v0.9.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= -github.com/go-kit/log v0.1.0/go.mod h1:zbhenjAZHb184qTLMA9ZjW7ThYL0H2mk7Q6pNt4vbaY= -github.com/go-kit/log v0.2.0/go.mod h1:NwTd00d/i8cPZ3xOwwiv2PO5MOcx78fFErGNcVmBjv0= -github.com/go-ldap/ldap/v3 v3.1.10/go.mod h1:5Zun81jBTabRaI8lzN7E1JjyEl1g6zI6u9pd8luAK4Q= -github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE= -github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk= -github.com/go-logfmt/logfmt v0.5.0/go.mod h1:wCYkCAKZfumFQihp8CzCvQ3paCTfi41vtzG1KdI/P7A= -github.com/go-logfmt/logfmt v0.5.1/go.mod h1:WYhtIu8zTZfxdn5+rREduYbwxfcBr/Vr6KEVveWlfTs= +github.com/go-jose/go-jose/v3 v3.0.0 h1:s6rrhirfEP/CGIoc6p+PZAeogN2SxKav6Wp7+dyMWVo= +github.com/go-jose/go-jose/v3 v3.0.0/go.mod h1:RNkWWRld676jZEYoV3+XK8L2ZnNSvIsxFMht0mSX+u8= github.com/go-logr/logr v1.2.0/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-logr/logr v1.2.3 h1:2DntVwHkVopvECVRSlL5PSo9eG+cAkDCuckLubN+rq0= -github.com/go-logr/logr v1.2.3/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-logr/zapr v1.2.3 h1:a9vnzlIBPQBBkeaR9IuMUfmVOrQlkoC4YfPoFkX3T7A= -github.com/go-logr/zapr v1.2.3/go.mod h1:eIauM6P8qSvTw5o2ez6UEAfGjQKrxQTl5EoK+Qa2oG4= -github.com/go-openapi/jsonpointer v0.19.3/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= -github.com/go-openapi/jsonpointer v0.19.5 h1:gZr+CIYByUqjcgeLXnQu2gHYQC9o73G2XUeOFYEICuY= -github.com/go-openapi/jsonpointer v0.19.5/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= -github.com/go-openapi/jsonreference v0.20.0 h1:MYlu0sBgChmCfJxxUKZ8g1cPWFOB37YSZqewK7OKeyA= -github.com/go-openapi/jsonreference v0.20.0/go.mod h1:Ag74Ico3lPc+zR+qjn4XBUmXymS4zJbYVCZmcgkasdo= -github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= -github.com/go-openapi/swag v0.21.1 h1:wm0rhTb5z7qpJRHBdPOMuY4QjVUMbF6/kwoYeRAOrKU= -github.com/go-openapi/swag v0.21.1/go.mod h1:QYRuS/SOXUCsnplDa677K7+DxSOj6IPNl/eQntq43wQ= -github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= -github.com/go-test/deep v1.0.2/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3aSFNA= +github.com/go-logr/logr v1.2.4 h1:g01GSCwiDw2xSZfjJ2/T9M+S6pFdcNtFYsp+Y43HYDQ= +github.com/go-logr/logr v1.2.4/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= +github.com/go-logr/zapr v1.2.4 h1:QHVo+6stLbfJmYGkQ7uGHUCu5hnAFAj6mDe6Ea0SeOo= +github.com/go-logr/zapr v1.2.4/go.mod h1:FyHWQIzQORZ0QVE1BtVHv3cKtNLuXsbNLtpuhNapBOA= +github.com/go-openapi/jsonpointer v0.19.6 h1:eCs3fxoIi3Wh6vtgmLTOjdhSpiqphQ+DaPn38N2ZdrE= +github.com/go-openapi/jsonpointer v0.19.6/go.mod h1:osyAmYz/mB/C3I+WsTTSgw1ONzaLJoLCyoi6/zppojs= +github.com/go-openapi/jsonreference v0.20.2 h1:3sVjiK66+uXK/6oQ8xgcRKcFgQ5KXa2KvnJRumpMGbE= +github.com/go-openapi/jsonreference v0.20.2/go.mod h1:Bl1zwGIM8/wsvqjsOQLJ/SH+En5Ap4rVB5KVcIDZG2k= +github.com/go-openapi/swag v0.22.3 h1:yMBqmnQ0gyZvEb/+KzuWZOXgllrXT4SADYbvDaXHv/g= +github.com/go-openapi/swag v0.22.3/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= +github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI= github.com/go-test/deep v1.0.3/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3aSFNA= github.com/go-test/deep v1.0.7 h1:/VSMRlnY/JSyqxQUzQLKVMAskpY/NZKFA5j2P+0pP2M= github.com/go-test/deep v1.0.7/go.mod h1:QV8Hv/iy04NyLBxAdO9njL0iVPN1S4d/A3NVv1V36o8= -github.com/gobuffalo/flect v0.3.0 h1:erfPWM+K1rFNIQeRPdeEXxo8yFr/PO17lhRnS8FUrtk= -github.com/gobuffalo/flect v0.3.0/go.mod h1:5pf3aGnsvqvCj50AVni7mJJF8ICxGZ8HomberC3pXLE= -github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= +github.com/gobuffalo/flect v1.0.2 h1:eqjPGSo2WmjgY2XlpGwo2NXgL3RucAKo4k4qQMNA5sA= +github.com/gobuffalo/flect v1.0.2/go.mod h1:A5msMlrHtLqh9umBSnvabjsMrCcCpAyzglnDvkbYKHs= github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= @@ -203,10 +170,9 @@ github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QD github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= -github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw= github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= -github.com/golang/snappy v0.0.4 h1:yAGX7huGHXlcLOEtBnF4w7FQwA26wojNCwOYAEhLjQM= -github.com/golang/snappy v0.0.4/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= +github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg= +github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= github.com/google/addlicense v0.0.0-20210428195630-6d92264d7170/go.mod h1:EMjYTRimagHs1FwlIqKyX3wAM0u3rA+McvlIIWmSamA= github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= @@ -241,6 +207,7 @@ github.com/google/pprof v0.0.0-20200708004538-1a94d8640e99/go.mod h1:ZgVRPoUq/hf github.com/google/pprof v0.0.0-20201023163331-3e6fc7fc9c4c/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= github.com/google/pprof v0.0.0-20201203190320-1bf35d6f28c2/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= github.com/google/pprof v0.0.0-20201218002935-b9804c9f04c2/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= +github.com/google/pprof v0.0.0-20230705174524-200ffdc848b8 h1:n6vlPhxsA+BW/XsS5+uqi7GyzaLa5MH7qlSLBZtRdiA= github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I= @@ -252,56 +219,35 @@ github.com/grpc-ecosystem/grpc-gateway v1.16.0/go.mod h1:BDjrQk3hbvj6Nolgz8mAMFb github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY2I= github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= -github.com/hashicorp/go-cleanhttp v0.5.0/go.mod h1:JpRdi6/HCYpAwUzNwuwqhbovhLtngrth3wmdIIUrZ80= github.com/hashicorp/go-cleanhttp v0.5.1/go.mod h1:JpRdi6/HCYpAwUzNwuwqhbovhLtngrth3wmdIIUrZ80= github.com/hashicorp/go-cleanhttp v0.5.2 h1:035FKYIWjmULyFRBKPs8TBQoi0x6d9G4xc9neXJWAZQ= github.com/hashicorp/go-cleanhttp v0.5.2/go.mod h1:kO/YDlP8L1346E6Sodw+PrpBSV4/SoxCXGY6BqNFT48= github.com/hashicorp/go-cty v1.4.1-0.20200414143053-d3edf31b6320 h1:1/D3zfFHttUKaCaGKZ/dR2roBXv0vKbSCnssIldfQdI= github.com/hashicorp/go-cty v1.4.1-0.20200414143053-d3edf31b6320/go.mod h1:EiZBMaudVLy8fmjf9Npq1dq9RalhveqZG5w/yz3mHWs= github.com/hashicorp/go-hclog v0.9.2/go.mod h1:5CU+agLiy3J7N7QjHK5d05KxGsuXiQLrjA0H7acj2lQ= -github.com/hashicorp/go-hclog v0.14.1/go.mod h1:whpDNt7SSdeAju8AWKIWsul05p54N/39EeqMAyrmvFQ= -github.com/hashicorp/go-hclog v0.16.2/go.mod h1:whpDNt7SSdeAju8AWKIWsul05p54N/39EeqMAyrmvFQ= github.com/hashicorp/go-hclog v1.2.1 h1:YQsLlGDJgwhXFpucSPyVbCBviQtjlHv3jLTlp8YmtEw= github.com/hashicorp/go-hclog v1.2.1/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M= -github.com/hashicorp/go-immutable-radix v1.0.0/go.mod h1:0y9vanUI8NX6FsYoO3zeMjhV/C5i9g4Q3DwcSNZ4P60= -github.com/hashicorp/go-immutable-radix v1.3.1 h1:DKHmCUm2hRBK510BaiZlwvpD40f8bJFeZnpfm2KLowc= -github.com/hashicorp/go-immutable-radix v1.3.1/go.mod h1:0y9vanUI8NX6FsYoO3zeMjhV/C5i9g4Q3DwcSNZ4P60= -github.com/hashicorp/go-kms-wrapping/entropy v0.1.0/go.mod h1:d1g9WGtAunDNpek8jUIEJnBlbgKS1N2Q61QkHiZyR1g= github.com/hashicorp/go-multierror v1.0.0/go.mod h1:dHtQlpGsu+cZNNAkkCN/P3hoUDHhCYQXV3UM06sGGrk= github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo= github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM= -github.com/hashicorp/go-plugin v1.4.3/go.mod h1:5fGEH17QVwTTcR0zV7yhDPLLmFX9YSZ38b18Udy6vYQ= -github.com/hashicorp/go-plugin v1.4.4 h1:NVdrSdFRt3SkZtNckJ6tog7gbpRrcbOjQi/rgF7JYWQ= -github.com/hashicorp/go-plugin v1.4.4/go.mod h1:viDMjcLJuDui6pXb8U4HVfb8AamCWhHGUjr2IrTF67s= -github.com/hashicorp/go-retryablehttp v0.5.3/go.mod h1:9B5zBasrRhHXnJnui7y6sL7es7NDiJgTc6Er0maI1Xs= -github.com/hashicorp/go-retryablehttp v0.6.6/go.mod h1:vAew36LZh98gCBJNLH42IQ1ER/9wtLZZ8meHqQvEYWY= github.com/hashicorp/go-retryablehttp v0.7.1 h1:sUiuQAnLlbvmExtFQs72iFW/HXeUn8Z1aJLQ4LJJbTQ= github.com/hashicorp/go-retryablehttp v0.7.1/go.mod h1:vAew36LZh98gCBJNLH42IQ1ER/9wtLZZ8meHqQvEYWY= github.com/hashicorp/go-rootcerts v1.0.2 h1:jzhAVGtqPKbwpyCPELlgNWhE1znq+qwJtW5Oi2viEzc= github.com/hashicorp/go-rootcerts v1.0.2/go.mod h1:pqUvnprVnM5bf7AOirdbb01K4ccR319Vf4pU3K5EGc8= -github.com/hashicorp/go-secure-stdlib/base62 v0.1.1/go.mod h1:EdWO6czbmthiwZ3/PUsDV+UD1D5IRU4ActiaWGwt0Yw= -github.com/hashicorp/go-secure-stdlib/mlock v0.1.1 h1:cCRo8gK7oq6A2L6LICkUZ+/a5rLiRXFMf1Qd4xSwxTc= -github.com/hashicorp/go-secure-stdlib/mlock v0.1.1/go.mod h1:zq93CJChV6L9QTfGKtfBxKqD7BqqXx5O04A/ns2p5+I= -github.com/hashicorp/go-secure-stdlib/parseutil v0.1.1 h1:78ki3QBevHwYrVxnyVeaEz+7WtifHhauYF23es/0KlI= -github.com/hashicorp/go-secure-stdlib/parseutil v0.1.1/go.mod h1:QmrqtbKuxxSWTN3ETMPuB+VtEiBJ/A9XhoYGv8E1uD8= -github.com/hashicorp/go-secure-stdlib/password v0.1.1/go.mod h1:9hH302QllNwu1o2TGYtSk8I8kTAN0ca1EHpwhm5Mmzo= -github.com/hashicorp/go-secure-stdlib/strutil v0.1.1 h1:nd0HIW15E6FG1MsnArYaHfuw9C2zgzM8LxkG5Ty/788= +github.com/hashicorp/go-secure-stdlib/parseutil v0.1.6 h1:om4Al8Oy7kCm/B86rLCLah4Dt5Aa0Fr5rYBG60OzwHQ= +github.com/hashicorp/go-secure-stdlib/parseutil v0.1.6/go.mod h1:QmrqtbKuxxSWTN3ETMPuB+VtEiBJ/A9XhoYGv8E1uD8= github.com/hashicorp/go-secure-stdlib/strutil v0.1.1/go.mod h1:gKOamz3EwoIoJq7mlMIRBpVTAUn8qPCrEclOKKWhD3U= -github.com/hashicorp/go-secure-stdlib/tlsutil v0.1.1/go.mod h1:l8slYwnJA26yBz+ErHpp2IRCLr0vuOMGBORIz4rRiAs= +github.com/hashicorp/go-secure-stdlib/strutil v0.1.2 h1:kes8mmyCpxJsI7FTwtzRqEy9CdjCtrXrXGuOpxEA7Ts= +github.com/hashicorp/go-secure-stdlib/strutil v0.1.2/go.mod h1:Gou2R9+il93BqX25LAKCLuM+y9U2T4hlwvT1yprcna4= github.com/hashicorp/go-sockaddr v1.0.2 h1:ztczhD1jLxIRjVejw8gFomI1BQZOe2WoVOu0SyteCQc= github.com/hashicorp/go-sockaddr v1.0.2/go.mod h1:rB4wwRAUzs07qva3c5SdrY/NEtAUjGlgmH/UkBUC97A= -github.com/hashicorp/go-uuid v1.0.0/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= -github.com/hashicorp/go-uuid v1.0.2/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= github.com/hashicorp/go-uuid v1.0.3 h1:2gKiV6YVmrJ1i2CKKa9obLvRieoRGviZFL26PcT/Co8= github.com/hashicorp/go-uuid v1.0.3/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= -github.com/hashicorp/go-version v1.2.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= github.com/hashicorp/go-version v1.5.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= github.com/hashicorp/go-version v1.6.0 h1:feTTfFNnjP967rlCxM/I9g701jU+RN74YKx2mOkIeek= github.com/hashicorp/go-version v1.6.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= -github.com/hashicorp/golang-lru v0.5.4 h1:YDjusn29QI/Das2iO9M0BHnIbxPeyuCHsjMW+lJfyTc= -github.com/hashicorp/golang-lru v0.5.4/go.mod h1:iADmTwqILo4mZ8BN3D2Q6+9jd8WM5uGBxy+E8yxSoD4= github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4= github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= github.com/hashicorp/hcl/v2 v2.9.1/go.mod h1:FwWsfWEjyV/CMj8s/gqAuiviY72rJ1/oayI9WftqcKg= @@ -317,47 +263,30 @@ github.com/hashicorp/terraform-plugin-log v0.7.0 h1:SDxJUyT8TwN4l5b5/VkiTIaQgY6R github.com/hashicorp/terraform-plugin-log v0.7.0/go.mod h1:p4R1jWBXRTvL4odmEkFfDdhUjHf9zcs/BCoNHAc7IK4= github.com/hashicorp/terraform-plugin-sdk/v2 v2.24.0 h1:FtCLTiTcykdsURXPt/ku7fYXm3y19nbzbZcUxHx9RbI= github.com/hashicorp/terraform-plugin-sdk/v2 v2.24.0/go.mod h1:80wf5oad1tW+oLnbXS4UTYmDCrl7BuN1Q+IA91X1a4Y= -github.com/hashicorp/vault/api v1.5.0 h1:Bp6yc2bn7CWkOrVIzFT/Qurzx528bdavF3nz590eu28= -github.com/hashicorp/vault/api v1.5.0/go.mod h1:LkMdrZnWNrFaQyYYazWVn7KshilfDidgVBq6YiTq/bM= -github.com/hashicorp/vault/sdk v0.4.1 h1:3SaHOJY687jY1fnB61PtL0cOkKItphrbLmux7T92HBo= -github.com/hashicorp/vault/sdk v0.4.1/go.mod h1:aZ3fNuL5VNydQk8GcLJ2TV8YCRVvyaakYkhZRoVuhj0= -github.com/hashicorp/yamux v0.0.0-20180604194846-3520598351bb/go.mod h1:+NfK9FKeTrX5uv1uIXGdwYDTeHna2qgaIlx54MXqjAM= -github.com/hashicorp/yamux v0.0.0-20181012175058-2f1d1f20f75d h1:kJCB4vdITiW1eC1vq2e6IsrXKrZit1bv/TDYFGMp4BQ= -github.com/hashicorp/yamux v0.0.0-20181012175058-2f1d1f20f75d/go.mod h1:+NfK9FKeTrX5uv1uIXGdwYDTeHna2qgaIlx54MXqjAM= +github.com/hashicorp/vault/api v1.9.2 h1:YjkZLJ7K3inKgMZ0wzCU9OHqc+UqMQyXsPXnf3Cl2as= +github.com/hashicorp/vault/api v1.9.2/go.mod h1:jo5Y/ET+hNyz+JnKDt8XLAdKs+AM0G5W0Vp1IrFI8N8= github.com/iancoleman/strcase v0.2.0 h1:05I4QRnGpI0m37iZQRuskXh+w77mr6Z41lwQzuHLwW0= github.com/iancoleman/strcase v0.2.0/go.mod h1:iwCmte+B7n89clKwxIoIXy/HfoL7AsD47ZCWhYzw7ho= github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= -github.com/imdario/mergo v0.3.12 h1:b6R2BslTbIEToALKP7LxUvijTsNI9TAe80pLWN2g/HU= -github.com/imdario/mergo v0.3.12/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= -github.com/inconshreveable/mousetrap v1.0.1 h1:U3uMjPSQEBMNp1lFxmllqCPM6P5u/Xq7Pgzkat/bFNc= -github.com/inconshreveable/mousetrap v1.0.1/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw= +github.com/imdario/mergo v0.3.16 h1:wwQJbIsHYGMUyLSPrEq1CT16AhnhNJQ51+4fdHUnCl4= +github.com/imdario/mergo v0.3.16/go.mod h1:WBLT9ZmE3lPoWsEzCh9LPo3TiwVN+ZKEjmz+hD27ysY= +github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8= +github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw= github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI= -github.com/jhump/protoreflect v1.6.0 h1:h5jfMVslIg6l29nsMs0D8Wj17RDVdNYti0vDN/PZZoE= -github.com/jhump/protoreflect v1.6.0/go.mod h1:eaTn3RZAmMBcV0fifFvlm6VHNz3wSkYyXYWUh7ymB74= github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY= github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y= -github.com/jpillora/backoff v1.0.0/go.mod h1:J/6gKK9jxlEcS3zixgDgUAsiuZ7yrSoa/FX5e0EB2j4= -github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= -github.com/json-iterator/go v1.1.9/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= -github.com/json-iterator/go v1.1.10/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= -github.com/json-iterator/go v1.1.11/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM= github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU= github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk= -github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w= -github.com/julienschmidt/httprouter v1.3.0/go.mod h1:JR6WtHb+2LUe8TCKY3cZOxFyyO8IZAc4RVcycCCAKdM= github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= -github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= -github.com/konsorten/go-windows-terminal-sequences v1.0.3/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= github.com/kr/fs v0.1.0/go.mod h1:FFnZGqtBN9Gxj7eW1uZ42v5BccTP0vu6NEaFoC2HwRg= -github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= -github.com/kr/pretty v0.2.1 h1:Fmg33tUaq4/8ym9TJN1x7sLJnHVwhP33CNkpYV/7rwI= github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= +github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= @@ -365,37 +294,28 @@ github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= github.com/kylelemons/godebug v0.0.0-20170820004349-d65d576e9348/go.mod h1:B69LEHPfb2qLo0BaaOLcbitczOKLWTsrBG9LczfCD4k= github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc= github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw= -github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= -github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= -github.com/mailru/easyjson v0.7.6/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0= github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU= -github.com/mattn/go-colorable v0.1.4/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE= -github.com/mattn/go-colorable v0.1.6/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc= github.com/mattn/go-colorable v0.1.9/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc= -github.com/mattn/go-colorable v0.1.12 h1:jF+Du6AlPIjs2BiUiQlKOX0rt3SujHxPnksPKZbaA40= github.com/mattn/go-colorable v0.1.12/go.mod h1:u5H1YNBxpqRaxsYJYSkiCWKzEfiAb1Gb520KVy5xxl4= +github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA= +github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg= github.com/mattn/go-isatty v0.0.3/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4= -github.com/mattn/go-isatty v0.0.8/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s= -github.com/mattn/go-isatty v0.0.10/go.mod h1:qgIWMr58cqv1PHHyhnkY9lrL7etaEgOFcMEpPG5Rm84= github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU= github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94= -github.com/mattn/go-isatty v0.0.16 h1:bq3VjFmv/sOjHtdEhmkEV4x1AJtvUvOJ2PFAZ5+peKQ= github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= -github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= +github.com/mattn/go-isatty v0.0.17 h1:BTarxUcIeDqL27Mc+vyvdWYSL28zpIhv3RoTdsLMPng= +github.com/mattn/go-isatty v0.0.17/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= github.com/matttproud/golang_protobuf_extensions v1.0.4 h1:mmDVorXM7PCGKw94cs5zkfA9PSy5pEvNWRP0ET0TIVo= github.com/matttproud/golang_protobuf_extensions v1.0.4/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4= github.com/mitchellh/cli v1.0.0/go.mod h1:hNIlj7HEI86fIcpObd7a0FcrxTWetlwJDGcceTlRvqc= -github.com/mitchellh/copystructure v1.0.0/go.mod h1:SNtv71yrdKgLRyLFxmLdkAbkKEFWgYaq1OVrnRcwhnw= github.com/mitchellh/copystructure v1.2.0 h1:vpKXTN4ewci03Vljg/q9QvCGUDttBOGBIa15WveJJGw= github.com/mitchellh/copystructure v1.2.0/go.mod h1:qLl+cE2AmVv+CoeAwDPye/v+N2HKCj9FbZEVFJRxO9s= github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y= github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= github.com/mitchellh/go-ps v1.0.0 h1:i6ampVEEF4wQFF+bkYfwYgY+F/uYJDktmvLPf7qIgjc= github.com/mitchellh/go-ps v1.0.0/go.mod h1:J4lOc8z8yJs6vUwklHw2XEIiT4z4C40KtWVN3nvg8Pg= -github.com/mitchellh/go-testing-interface v0.0.0-20171004221916-a61a99592b77/go.mod h1:kRemZodwjscx+RGhAo8eIhFbs2+BFgRtFPeD/KE+zxI= -github.com/mitchellh/go-testing-interface v1.0.0/go.mod h1:kRemZodwjscx+RGhAo8eIhFbs2+BFgRtFPeD/KE+zxI= github.com/mitchellh/go-testing-interface v1.14.1 h1:jrgshOhYAUVNMAJiKbEu7EqAwgJJ2JqpQmpLJOu07cU= github.com/mitchellh/go-testing-interface v1.14.1/go.mod h1:gfgS7OtZj6MA4U1UrDRp04twqAjfvlZyCfX3sDjEym8= github.com/mitchellh/go-wordwrap v0.0.0-20150314170334-ad45545899c7/go.mod h1:ZXFpozHsX6DPmq2I0TCekCxypsnAUbP2oI0UX1GXzOo= @@ -403,38 +323,24 @@ github.com/mitchellh/go-wordwrap v1.0.0/go.mod h1:ZXFpozHsX6DPmq2I0TCekCxypsnAUb github.com/mitchellh/go-wordwrap v1.0.1 h1:TLuKupo69TCn6TQSyGxwI1EblZZEsQ0vMlAFQflz0v0= github.com/mitchellh/go-wordwrap v1.0.1/go.mod h1:R62XHJLzvMFRBbcrT7m7WgmE1eOyTSsCt+hzestvNj0= github.com/mitchellh/mapstructure v1.4.1/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= -github.com/mitchellh/mapstructure v1.4.2/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY= github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= -github.com/mitchellh/reflectwalk v1.0.0/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= github.com/mitchellh/reflectwalk v1.0.2 h1:G2LzWKi524PWgd3mLHV8Y5k7s6XUvT0Gef6zxSIeXaQ= github.com/mitchellh/reflectwalk v1.0.2/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= -github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= -github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M= github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= github.com/muvaf/typewriter v0.0.0-20220131201631-921e94e8e8d7 h1:CxRHKnh1YJXgNKxcos9rrKL6AcmOl1AS/fygmxFDzh4= github.com/muvaf/typewriter v0.0.0-20220131201631-921e94e8e8d7/go.mod h1:SAAdeMEiFXR8LcHffvIdiLI1w243DCH2DuHq7UrA5YQ= -github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= -github.com/mwitkow/go-conntrack v0.0.0-20190716064945-2f068394615f/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= -github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno= github.com/nsf/jsondiff v0.0.0-20200515183724-f29ed568f4ce h1:RPclfga2SEJmgMmz2k+Mg7cowZ8yv4Trqw9UsJby758= github.com/nxadm/tail v1.4.8 h1:nPr65rt6Y5JFSKQO7qToXr7pePgD6Gwiw05lkbyAQTE= -github.com/oklog/run v1.0.0 h1:Ru7dDtJNOyC66gQ5dQmaCa0qIsAUFY3sFpK1Xk8igrw= -github.com/oklog/run v1.0.0/go.mod h1:dlhp/R75TPv97u0XWUtDeV/lRKWPKSdTuV0TZvrmrQA= github.com/onsi/ginkgo v1.16.5 h1:8xi0RTUf59SOSfEtZMvwTvXYMzG4gV23XVHOZiXNtnE= -github.com/onsi/ginkgo/v2 v2.6.0 h1:9t9b9vRUbFq3C4qKFCGkVuq/fIHji802N1nrtkh1mNc= -github.com/onsi/gomega v1.24.2 h1:J/tulyYK6JwBldPViHJReihxxZ+22FHs0piGjQAvoUE= -github.com/pascaldekloe/goe v0.1.0 h1:cBOtyMzM9HTpWjXfbbunk26uA6nG3a8n06Wieeh0MwY= -github.com/pascaldekloe/goe v0.1.0/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc= -github.com/pierrec/lz4 v2.5.2+incompatible h1:WCjObylUIOlKy/+7Abdn34TLIkXiA4UWUMhxq9m9ZXI= -github.com/pierrec/lz4 v2.5.2+incompatible/go.mod h1:pdkljMzZIN41W+lC3N2tnIh5sFi+IEE17M5jbnwPHcY= -github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +github.com/onsi/ginkgo/v2 v2.9.5 h1:+6Hr4uxzP4XIUyAkg61dWBw8lb/gc4/X5luuxN/EC+Q= +github.com/onsi/gomega v1.27.7 h1:fVih9JD6ogIiHUN6ePK7HJidyEDpWGVB5mzM7cWNXoU= github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= @@ -442,59 +348,36 @@ github.com/pkg/sftp v1.13.1/go.mod h1:3HaPG6Dq1ILlpPZRO0HVMrsydcdLt6HRDccSgb87qR github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/posener/complete v1.1.1/go.mod h1:em0nMJCgc9GFtwrmVmEMR/ZL6WyhyjMBndrE9hABlRI= -github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= -github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5FsnadC4Ky3P0J6CfImo= -github.com/prometheus/client_golang v1.4.0/go.mod h1:e9GMxYsXl05ICDXkRhurwBS4Q3OK1iX/F2sw+iXX5zU= -github.com/prometheus/client_golang v1.7.1/go.mod h1:PY5Wy2awLA44sXw4AOSfFBetzPP4j5+D6mVACh+pe2M= -github.com/prometheus/client_golang v1.11.0/go.mod h1:Z6t4BnS23TR94PD6BsDNk8yVqroYurpAkEiz0P2BEV0= -github.com/prometheus/client_golang v1.12.1/go.mod h1:3Z9XVyYiZYEO+YQWt3RD2R3jrbd179Rt297l4aS6nDY= -github.com/prometheus/client_golang v1.14.0 h1:nJdhIvne2eSX/XRAFV9PcvFFRbrjbcTUj0VP62TMhnw= -github.com/prometheus/client_golang v1.14.0/go.mod h1:8vpkKitgIVNcqrRBWh1C4TIUQgYNtG/XQE4E/Zae36Y= -github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= -github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= +github.com/prometheus/client_golang v1.15.1 h1:8tXpTmJbyH5lydzFPoxSIJ0J46jdh3tylbvM1xCv0LI= +github.com/prometheus/client_golang v1.15.1/go.mod h1:e9yaBhRPU2pPNsZwE+JdQl0KEt1N9XgF6zxWmaC0xOk= github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= -github.com/prometheus/client_model v0.2.0/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= -github.com/prometheus/client_model v0.3.0 h1:UBgGFHqYdG/TPFD1B1ogZywDqEkwp3fBMvqdiQ7Xew4= -github.com/prometheus/client_model v0.3.0/go.mod h1:LDGWKZIo7rky3hgvBe+caln+Dr3dPggB5dvjtD7w9+w= -github.com/prometheus/common v0.4.1/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4= -github.com/prometheus/common v0.9.1/go.mod h1:yhUN8i9wzaXS3w1O07YhxHEBxD+W35wd8bs7vj7HSQ4= -github.com/prometheus/common v0.10.0/go.mod h1:Tlit/dnDKsSWFlCLTWaA1cyBgKHSMdTB80sz/V91rCo= -github.com/prometheus/common v0.26.0/go.mod h1:M7rCNAaPfAosfx8veZJCuw84e35h3Cfd9VFqTh1DIvc= -github.com/prometheus/common v0.32.1/go.mod h1:vu+V0TpY+O6vW9J44gczi3Ap/oXXR10b+M/gUGO4Hls= -github.com/prometheus/common v0.37.0 h1:ccBbHCgIiT9uSoFY0vX8H3zsNR5eLt17/RQLUvn8pXE= -github.com/prometheus/common v0.37.0/go.mod h1:phzohg0JFMnBEFGxTDbfu3QyL5GI8gTQJFhYO5B3mfA= -github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= -github.com/prometheus/procfs v0.0.2/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= -github.com/prometheus/procfs v0.0.8/go.mod h1:7Qr8sr6344vo1JqZ6HhLceV9o3AJ1Ff+GxbHq6oeK9A= -github.com/prometheus/procfs v0.1.3/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4OA4YeYWdaU= -github.com/prometheus/procfs v0.6.0/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA= -github.com/prometheus/procfs v0.7.3/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA= -github.com/prometheus/procfs v0.8.0 h1:ODq8ZFEaYeCaZOJlZZdJA2AbQR98dSHSM1KW/You5mo= -github.com/prometheus/procfs v0.8.0/go.mod h1:z7EfXMXOkbkqb9IINtpCn86r/to3BnA0uaxHdg830/4= +github.com/prometheus/client_model v0.4.0 h1:5lQXD3cAg1OXBf4Wq03gTrXHeaV0TQvGfUooCfx1yqY= +github.com/prometheus/client_model v0.4.0/go.mod h1:oMQmHW1/JoDwqLtg57MGgP/Fb1CJEYF2imWWhWtMkYU= +github.com/prometheus/common v0.44.0 h1:+5BrQJwiBB9xsMygAB3TNvpQKOwlkc25LbISbrdOOfY= +github.com/prometheus/common v0.44.0/go.mod h1:ofAIvZbQ1e/nugmZGz4/qCb9Ap1VoSTIO7x0VV9VvuY= +github.com/prometheus/procfs v0.10.0 h1:UkG7GPYkO4UZyLnyXjaWYcgOSONqwdBqFUT95ugmt6I= +github.com/prometheus/procfs v0.10.0/go.mod h1:nwNm2aOCAYw8uTR/9bWRREkZFxAUcWzPHWJq+XBB/FM= github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ= github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= +github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= github.com/ryanuber/columnize v2.1.0+incompatible/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts= github.com/ryanuber/go-glob v1.0.0 h1:iQh3xXAumdQ+4Ufa5b25cRpC5TYKlno6hsv6Cb3pkBk= github.com/ryanuber/go-glob v1.0.0/go.mod h1:807d1WSdnB0XRJzKNil9Om6lcp/3a0v4qIHxIXzX/Yc= github.com/sebdah/goldie v1.0.0/go.mod h1:jXP4hmWywNEwZzhMuv2ccnqTSFpuq8iyQhtQdkkZBH4= github.com/sergi/go-diff v1.0.0/go.mod h1:0CfEIISq7TuYL3j771MWULgwwjU+GofnZX9QAmXWZgo= -github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= -github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE= -github.com/sirupsen/logrus v1.6.0/go.mod h1:7uNnSEd1DgxDLC74fIahvMZmmYsHGZGEOFrfsX/uA88= github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA= -github.com/spf13/afero v1.9.2 h1:j49Hj62F0n+DaZ1dDCvhABaPNSGNkt32oRFxI33IEMw= -github.com/spf13/afero v1.9.2/go.mod h1:iUV7ddyEEZPO5gA3zD4fJt6iStLlL+Lg4m2cihcDf8Y= -github.com/spf13/cobra v1.6.1 h1:o94oiPyS4KD1mPy2fmcYYHHfCxLqYjJOhGsCHFZtEzA= -github.com/spf13/cobra v1.6.1/go.mod h1:IOw/AERYS7UzyrGinqmz6HLUo219MORXGxhbaJUqzrY= +github.com/spf13/afero v1.9.5 h1:stMpOSZFs//0Lv29HduCmli3GUfpFoF3Y1Q/aXj/wVM= +github.com/spf13/afero v1.9.5/go.mod h1:UBogFpq8E9Hx+xc5CNTTEpTnuHVmXDwZcZcE1eb/UhQ= +github.com/spf13/cobra v1.7.0 h1:hyqWnYt1ZQShIddO5kBpj3vu05/++x6tJ6dg8EC572I= +github.com/spf13/cobra v1.7.0/go.mod h1:uLxZILRyS/50WlhOIKD7W6V5bgeIt+4sICxh6uRMrb0= github.com/spf13/pflag v1.0.2/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/stoewer/go-strcase v1.2.0/go.mod h1:IBiWB2sKIp3wVVQ3Y035++gc+knqhUQag1KpM8ahLw8= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/objx v0.4.0 h1:M2gUjqZET1qApGOWNSnZ49BAIMX4F/1plDv3+l31EJ4= github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= +github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= @@ -503,13 +386,11 @@ github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/ github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.2/go.mod h1:R6va5+xMeoiuVRoj+gSkQ7d3FALtqAAGI1FQKckRals= -github.com/stretchr/testify v1.8.0 h1:pSgiaMZlXftHpm5L7V1+rVB+AZJydKsMxsQBIJw4PKk= github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= +github.com/stretchr/testify v1.8.1 h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKsk= +github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= github.com/tmccombs/hcl2json v0.3.3 h1:+DLNYqpWE0CsOQiEZu+OZm5ZBImake3wtITYxQ8uLFQ= github.com/tmccombs/hcl2json v0.3.3/go.mod h1:Y2chtz2x9bAeRTvSibVRVgbLJhLJXKlUeIvjeVdnm4w= -github.com/tv42/httpunix v0.0.0-20150427012821-b75d8614f926/go.mod h1:9ESjWnEqriFuLhtthL60Sar/7RFoluCcXsuvEwTV5KM= -github.com/upbound/upjet v0.9.0-rc.0.0.20230502154751-645d7260d814 h1:lsVgo6tcAXmdHCoPgo0HT67rtYQ4DRzUeNJ2lh9Qhm0= -github.com/upbound/upjet v0.9.0-rc.0.0.20230502154751-645d7260d814/go.mod h1:CWxJ9YTMy7q+bDc2W504ocL/ZzBmWabwwcRjIaP7CKc= github.com/vmihailenco/msgpack v3.3.3+incompatible/go.mod h1:fy3FlTQTDXWkZ7Bh6AcGMlsjHatGryHQYUTf1ShIgkk= github.com/vmihailenco/msgpack v4.0.4+incompatible h1:dSLoQfGFAo3F6OoNhwUmLwVgaUXK79GlxNBwueZn0xI= github.com/vmihailenco/msgpack v4.0.4+incompatible/go.mod h1:fy3FlTQTDXWkZ7Bh6AcGMlsjHatGryHQYUTf1ShIgkk= @@ -542,29 +423,26 @@ go.opencensus.io v0.22.4/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= go.opencensus.io v0.22.5/go.mod h1:5pWMHQbX5EPX2/62yrJeAkowc+lfs/XD7Uxpq3pI6kk= go.opentelemetry.io/proto/otlp v0.7.0/go.mod h1:PqfVotwruBrMGOCsRd/89rSnXhoiJIqeYNgFYFoEGnI= go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= -go.uber.org/atomic v1.9.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= -go.uber.org/atomic v1.10.0 h1:9qC72Qh0+3MqyJbAn8YU5xVq1frD8bn3JtD2oXtafVQ= -go.uber.org/atomic v1.10.0/go.mod h1:LUxbIzbOniOlMKjJjyPfpl4v+PKK2cNJn91OQbhoJI0= -go.uber.org/goleak v1.1.10/go.mod h1:8a7PlsEVH3e/a/GLqe5IIrQx6GzcnRmZEufDUTk4A7A= -go.uber.org/goleak v1.2.0 h1:xqgm/S+aQvhWFTtR0XK3Jvg7z8kGV8P4X14IzwN3Eqk= +go.uber.org/atomic v1.11.0 h1:ZvwS0R+56ePWxUNi+Atn9dWONBPp/AUETXlHW0DxSjE= +go.uber.org/atomic v1.11.0/go.mod h1:LUxbIzbOniOlMKjJjyPfpl4v+PKK2cNJn91OQbhoJI0= +go.uber.org/goleak v1.1.11/go.mod h1:cwTWslyiVhfpKIDGSZEM2HlOvcqm+tG4zioyIeLoqMQ= +go.uber.org/goleak v1.2.1 h1:NBol2c7O1ZokfZ0LEU9K6Whx/KnwvepVetCUhtKja4A= go.uber.org/multierr v1.6.0/go.mod h1:cdWPpRnG4AhwMwsgIHip0KRBQjJy5kYEpYjJxpXp9iU= -go.uber.org/multierr v1.8.0 h1:dg6GjLku4EH+249NNmoIciG9N/jURbDG+pFlTkhzIC8= -go.uber.org/multierr v1.8.0/go.mod h1:7EAYxJLBy9rStEaz58O2t4Uvip6FSURkq8/ppBp95ak= -go.uber.org/zap v1.19.0/go.mod h1:xg/QME4nWcxGxrpdeYfq7UvYrLh66cuVKdrbD1XF/NI= +go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0= +go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y= go.uber.org/zap v1.24.0 h1:FiJd5l1UOLj0wCgbSE0rwwXHzEdAZS6hiiSnxJN/D60= go.uber.org/zap v1.24.0/go.mod h1:2kMP+WWQ8aoFoedH3T2sq6iJ2yDWpHbP0f6MQbS9Gkg= -golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20190426145343-a29dc8fdc734/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.0.0-20190911031432-227b76d455e7/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= -golang.org/x/crypto v0.0.0-20210711020723-a769d52b0f97/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= -golang.org/x/crypto v0.0.0-20211108221036-ceb1ce70b4fa/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= -golang.org/x/crypto v0.2.0 h1:BRXPfhNivWL5Yq0BGQ39a2sW6t44aODpfxkWjYdzewE= -golang.org/x/crypto v0.2.0/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4= +golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= +golang.org/x/crypto v0.11.0 h1:6Ewdq3tDic1mg5xRO4milcWCfMVQhI4NkqWWvqejpuA= +golang.org/x/crypto v0.11.0/go.mod h1:xgJhtzW8F9jGdVFWZESrid1U1bjeNy4zgy5cRr/CIio= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= @@ -599,13 +477,11 @@ golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.1/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.7.0 h1:LapD9S96VoQRhi/GrNTqeBJFrUjs5UHCAtTlgwA5oZA= -golang.org/x/mod v0.7.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= -golang.org/x/net v0.0.0-20180530234432-1e491301e022/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/mod v0.12.0 h1:rmsUpXtvNzj340zd98LZ4KntptpfRHwpFOHG188oHXc= +golang.org/x/mod v0.12.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180811021610-c39426892332/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= @@ -613,7 +489,6 @@ golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn golang.org/x/net v0.0.0-20190501004415-9ce7a6920f09/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190503192946-f4e77d36d62c/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= -golang.org/x/net v0.0.0-20190613194153-d28f0bde5980/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20190628185345-da137c7871d7/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20190724013045-ca1201d0de80/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= @@ -638,12 +513,10 @@ golang.org/x/net v0.0.0-20201209123823-ac852fbbde11/go.mod h1:m0MpNAwzfU5UDzcl9v golang.org/x/net v0.0.0-20201224014010-6772e930b67b/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= -golang.org/x/net v0.0.0-20210525063256-abc453219eb5/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20210805182204-aaa1db679c0d/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= -golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= -golang.org/x/net v0.0.0-20220225172249-27dd8689420f/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= -golang.org/x/net v0.7.0 h1:rJrUqqhjsgNp7KqAIc25s9pZnjU7TUcSY7HcVZjdn1g= -golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= +golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= +golang.org/x/net v0.12.0 h1:cfawfvKITfUsFCeJIHJrbSxpeu/E81khclypR0GVT50= +golang.org/x/net v0.12.0/go.mod h1:zEVYFnQC7m/vmpQFELhcD1EWkZlX69l4oqgmer6hfKA= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -653,10 +526,8 @@ golang.org/x/oauth2 v0.0.0-20200902213428-5d25da1a8d43/go.mod h1:KelEdhl1UZF7XfJ golang.org/x/oauth2 v0.0.0-20201109201403-9fd604954f58/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20201208152858-08078c50e5b5/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20210218202405-ba52d332ba99/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20210514164344-f6687ab2804c/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20220223155221-ee480838109b/go.mod h1:DAh4E804XQdzx2j+YRIaUnCqCV2RuMz24cGBJ5QYIrc= -golang.org/x/oauth2 v0.1.0 h1:isLCZuhj4v+tYv7eskaN4v/TM+A1begWWgyVJDdl1+Y= -golang.org/x/oauth2 v0.1.0/go.mod h1:G9FE4dLTsbXUu90h/Pf85g4w1D+SSAgR+q46nJZ8M4A= +golang.org/x/oauth2 v0.8.0 h1:6dkIjl3j3LtZ/O3sTgZTMsLKSftL/B8Zgq4huOIIUu8= +golang.org/x/oauth2 v0.8.0/go.mod h1:yr7u4HXZRm1R1kBWqr/xKNqewf0plRYoB7sla+BCIXE= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -668,16 +539,12 @@ golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.1.0 h1:wsuoTGHzEhffawBOhz5CYhcrV4IdKZbEyZjBMuTp12o= +golang.org/x/sync v0.3.0 h1:ftCYgMx6zT/asHUrPw8BLLscYtGznsLAnjq5RH9P66E= golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190422165155-953cdadca894/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190502145724-3ef323f4f1fd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190502175342-a43fa875dd82/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190507160741-ecd444e8653b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -685,10 +552,8 @@ golang.org/x/sys v0.0.0-20190606165138-5da285871e9c/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20190624142023-c5567b49c5d0/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190726091711-fc99dfbffb4e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191001151750-bb3f8db39f24/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191008105621-543471e840be/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191228213918-04cbcbbfeed8/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200106162015-b016eb3dc98e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200113162924-86b910548bc1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200122134326-e047566fdf82/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -702,8 +567,6 @@ golang.org/x/sys v0.0.0-20200501052902-10377860bb8e/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20200511232937-7e40ca221e25/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200515095857-1151b9dac4a9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200523222454-059865788121/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200615200032-f1bc736245b1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200625212154-ddb9806d33ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200803210538-64077c9b5642/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200905004654-be1d3432aa8f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -711,27 +574,22 @@ golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20201201145000-ef89a241ccb3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210104204734-6f8348627aad/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210119212857-b64e53b001e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210225134936-a50acf3fe073/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210423185535-09eb48e85fd7/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210603081109-ebe580a85c40/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220114195835-da31bd327af9/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220503163025-988cb79eb6c6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.5.0 h1:MUK/U/4lj1t1oPg0HfuXDN/Z1wv31ZJ/YcPiGccS4DU= -golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.10.0 h1:SqMFp9UcQJZa+pmYuAKjd9xq1f0j5rLcDIk0mj4qAsA= +golang.org/x/sys v0.10.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= -golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= -golang.org/x/term v0.5.0 h1:n2a8QNdAb0sZNpU9R1ALUXBbY+w51fCQDN+7EdxNBsY= -golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= +golang.org/x/term v0.10.0 h1:3R7pNqamzBraeqj/Tj8qt1aQ2HpmlC+Cx/qL/7hn4/c= +golang.org/x/term v0.10.0/go.mod h1:lpqdcUyK/oCiQxvxVrppt5ggO2KCZ5QblwqPnfZ6d5o= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -741,12 +599,11 @@ golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= -golang.org/x/text v0.7.0 h1:4BRB4x83lYWy72KwLD/qYDuTu7q9PjSagHvijDw7cLo= -golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= +golang.org/x/text v0.11.0 h1:LAntKIrcmeSKERyiOh0XMV39LXS8IE9UL2yP7+f5ij4= +golang.org/x/text v0.11.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.0.0-20200416051211-89c76fbcd5d1/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4= golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= @@ -764,7 +621,6 @@ golang.org/x/tools v0.0.0-20190628153133-6cdbf07be9d0/go.mod h1:/rFqwRUd4F7ZHNgw golang.org/x/tools v0.0.0-20190816200558-6889da9d5479/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20190911174233-4f2ddba30aff/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191012152004-8de300cfc20a/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191108193012-7d206e10da11/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191113191852-77e3bb0ad9e7/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191115202509-3a792d9c32b2/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= @@ -800,14 +656,15 @@ golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4f golang.org/x/tools v0.0.0-20210108195828-e2f9c7f1fc8e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.1.0/go.mod h1:xkSsbof2nBLbhDlRMhhhyNLN/zl3eTqcnHD5viDpcZ0= golang.org/x/tools v0.1.1/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= -golang.org/x/tools v0.4.0 h1:7mTAgkunk3fr4GAloyyCasadO6h9zSsQZbwvcaIciV4= -golang.org/x/tools v0.4.0/go.mod h1:UE5sM2OK9E/d67R0ANs2xJizIymRP5gJU295PvKXxjQ= +golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= +golang.org/x/tools v0.11.0 h1:EMCa6U9S2LtZXLAMoWiR/R8dAQFRqbAitmbJ2UKhoi8= +golang.org/x/tools v0.11.0/go.mod h1:anzJrxPjNtfgiYQYirP2CPGzGLxrH2u2QBhn6Bf3qY8= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -gomodules.xyz/jsonpatch/v2 v2.2.0 h1:4pT439QV83L+G9FkcCriY6EkpcK6r6bK+A5FBUMI7qY= -gomodules.xyz/jsonpatch/v2 v2.2.0/go.mod h1:WXp+iVDkoLQqPudfQ9GBlwB2eZ5DKOnjQZCYdOS8GPY= +gomodules.xyz/jsonpatch/v2 v2.3.0 h1:8NFhfS6gzxNqjLIYnZxg319wZ5Qjnx4m/CcX+Klzazc= +gomodules.xyz/jsonpatch/v2 v2.3.0/go.mod h1:AH3dM2RI6uoBZxn3LVrfvJ3E0/9dG4cSrbuBJT4moAY= google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE= google.golang.org/api v0.7.0/go.mod h1:WtwebWUNSVBH/HAw79HIFXZNqEvBhG+Ra+ax0hx3E3M= google.golang.org/api v0.8.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg= @@ -835,7 +692,6 @@ google.golang.org/appengine v1.6.5/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCID google.golang.org/appengine v1.6.6/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= google.golang.org/appengine v1.6.7 h1:FZR1q0exgwxzPzp/aF+VccGrSfxfPpkBqjIIEq3ru6c= google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= -google.golang.org/genproto v0.0.0-20170818010345-ee236bd376b0/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= google.golang.org/genproto v0.0.0-20190307195333-5fe7a883aa19/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= google.golang.org/genproto v0.0.0-20190418145605-e7d98fc518a7/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= @@ -874,9 +730,8 @@ google.golang.org/genproto v0.0.0-20201214200347-8c77b98c765d/go.mod h1:FWY/as6D google.golang.org/genproto v0.0.0-20210108203827-ffc7fda8c3d7/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20210226172003-ab064af71705/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20220107163113-42d7afdf6368/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= -google.golang.org/genproto v0.0.0-20221202195650-67e5cbc046fd h1:OjndDrsik+Gt+e6fs45z9AxiewiKyLKYpA45W5Kpkks= -google.golang.org/genproto v0.0.0-20221202195650-67e5cbc046fd/go.mod h1:cTsE614GARnxrLsqKREzmNYJACSWWpAWdNMwnD7c2BE= -google.golang.org/grpc v1.8.0/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw= +google.golang.org/genproto v0.0.0-20230410155749-daa745c078e1 h1:KpwkzHKEF7B9Zxg18WzOa7djJ+Ha5DzthMyZYQfEn2A= +google.golang.org/genproto v0.0.0-20230410155749-daa745c078e1/go.mod h1:nKE/iIaLqn2bQwXBg8f1g2Ylh6r5MN5CmZvuzZCgsCU= google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38= google.golang.org/grpc v1.21.1/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM= @@ -896,9 +751,8 @@ google.golang.org/grpc v1.34.0/go.mod h1:WotjhfgOW/POjDeRt8vscBtXq+2VjORFy659qA5 google.golang.org/grpc v1.35.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= google.golang.org/grpc v1.36.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= google.golang.org/grpc v1.40.0/go.mod h1:ogyxbiOoUXAkP+4+xa6PZSE9DZgIHtSpzjDTB9KAK34= -google.golang.org/grpc v1.41.0/go.mod h1:U3l9uK9J0sini8mHphKoXyaqDA/8VyGnDee1zzIUK6k= -google.golang.org/grpc v1.50.1 h1:DS/BukOZWp8s6p4Dt/tOaJaTQyPyOoCcrjroHuCeLzY= -google.golang.org/grpc v1.50.1/go.mod h1:ZgQEeidpAuNRZ8iRrlBKXZQP1ghovWIVhdJRyCDK+GI= +google.golang.org/grpc v1.56.2 h1:fVRFRnXvU+x6C4IlHZewvJOVHoOv1TUuQyoRsYnB4bI= +google.golang.org/grpc v1.56.2/go.mod h1:I9bI3vqKfayGqPUAwGdOSu7kt6oIJLixfffKrpXqQ9s= google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= @@ -912,33 +766,26 @@ google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlba google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.28.2-0.20220831092852-f930b1dc76e8 h1:KR8+MyP7/qOlV+8Af01LtjL04bu7on42eVsxT4EyBQk= -google.golang.org/protobuf v1.28.2-0.20220831092852-f930b1dc76e8/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= +google.golang.org/protobuf v1.31.0 h1:g0LDEJHgrBl9N9r17Ru3sqWhkIx2NB67okBHPwC7hs8= +google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= gopkg.in/alecthomas/kingpin.v2 v2.2.6 h1:jMFz6MfLP0/4fUyZle81rXUoxOBFi19VUFKVDOQfozc= gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= +gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= -gopkg.in/square/go-jose.v2 v2.5.1 h1:7odma5RETjNHWJnR32wx8t+Io4djHE1PqxCFx3iiZ2w= -gopkg.in/square/go-jose.v2 v2.5.1/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ= -gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.3/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.5/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= @@ -948,31 +795,31 @@ honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWh honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg= honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= -k8s.io/api v0.26.3 h1:emf74GIQMTik01Aum9dPP0gAypL8JTLl/lHa4V9RFSU= -k8s.io/api v0.26.3/go.mod h1:PXsqwPMXBSBcL1lJ9CYDKy7kIReUydukS5JiRlxC3qE= -k8s.io/apiextensions-apiserver v0.26.3 h1:5PGMm3oEzdB1W/FTMgGIDmm100vn7IaUP5er36dB+YE= -k8s.io/apiextensions-apiserver v0.26.3/go.mod h1:jdA5MdjNWGP+njw1EKMZc64xAT5fIhN6VJrElV3sfpQ= -k8s.io/apimachinery v0.26.3 h1:dQx6PNETJ7nODU3XPtrwkfuubs6w7sX0M8n61zHIV/k= -k8s.io/apimachinery v0.26.3/go.mod h1:ats7nN1LExKHvJ9TmwootT00Yz05MuYqPXEXaVeOy5I= -k8s.io/client-go v0.26.3 h1:k1UY+KXfkxV2ScEL3gilKcF7761xkYsSD6BC9szIu8s= -k8s.io/client-go v0.26.3/go.mod h1:ZPNu9lm8/dbRIPAgteN30RSXea6vrCpFvq+MateTUuQ= -k8s.io/component-base v0.26.3 h1:oC0WMK/ggcbGDTkdcqefI4wIZRYdK3JySx9/HADpV0g= -k8s.io/component-base v0.26.3/go.mod h1:5kj1kZYwSC6ZstHJN7oHBqcJC6yyn41eR+Sqa/mQc8E= -k8s.io/klog/v2 v2.80.1 h1:atnLQ121W371wYYFawwYx1aEY2eUfs4l3J72wtgAwV4= -k8s.io/klog/v2 v2.80.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= -k8s.io/kube-openapi v0.0.0-20221012153701-172d655c2280 h1:+70TFaan3hfJzs+7VK2o+OGxg8HsuBr/5f6tVAjDu6E= -k8s.io/kube-openapi v0.0.0-20221012153701-172d655c2280/go.mod h1:+Axhij7bCpeqhklhUTe3xmOn6bWxolyZEeyaFpjGtl4= -k8s.io/utils v0.0.0-20221128185143-99ec85e7a448 h1:KTgPnR10d5zhztWptI952TNtt/4u5h3IzDXkdIMuo2Y= -k8s.io/utils v0.0.0-20221128185143-99ec85e7a448/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= +k8s.io/api v0.27.3 h1:yR6oQXXnUEBWEWcvPWS0jQL575KoAboQPfJAuKNrw5Y= +k8s.io/api v0.27.3/go.mod h1:C4BNvZnQOF7JA/0Xed2S+aUyJSfTGkGFxLXz9MnpIpg= +k8s.io/apiextensions-apiserver v0.27.3 h1:xAwC1iYabi+TDfpRhxh4Eapl14Hs2OftM2DN5MpgKX4= +k8s.io/apiextensions-apiserver v0.27.3/go.mod h1:BH3wJ5NsB9XE1w+R6SSVpKmYNyIiyIz9xAmBl8Mb+84= +k8s.io/apimachinery v0.27.3 h1:Ubye8oBufD04l9QnNtW05idcOe9Z3GQN8+7PqmuVcUM= +k8s.io/apimachinery v0.27.3/go.mod h1:XNfZ6xklnMCOGGFNqXG7bUrQCoR04dh/E7FprV6pb+E= +k8s.io/client-go v0.27.3 h1:7dnEGHZEJld3lYwxvLl7WoehK6lAq7GvgjxpA3nv1E8= +k8s.io/client-go v0.27.3/go.mod h1:2MBEKuTo6V1lbKy3z1euEGnhPfGZLKTS9tiJ2xodM48= +k8s.io/component-base v0.27.3 h1:g078YmdcdTfrCE4fFobt7qmVXwS8J/3cI1XxRi/2+6k= +k8s.io/component-base v0.27.3/go.mod h1:JNiKYcGImpQ44iwSYs6dysxzR9SxIIgQalk4HaCNVUY= +k8s.io/klog/v2 v2.100.1 h1:7WCHKK6K8fNhTqfBhISHQ97KrnJNFZMcQvKp7gP/tmg= +k8s.io/klog/v2 v2.100.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= +k8s.io/kube-openapi v0.0.0-20230525220651-2546d827e515 h1:OmK1d0WrkD3IPfkskvroRykOulHVHf0s0ZIFRjyt+UI= +k8s.io/kube-openapi v0.0.0-20230525220651-2546d827e515/go.mod h1:kzo02I3kQ4BTtEfVLaPbjvCkX97YqGve33wzlb3fofQ= +k8s.io/utils v0.0.0-20230505201702-9f6742963106 h1:EObNQ3TW2D+WptiYXlApGNLVy0zm/JIBVY9i+M4wpAU= +k8s.io/utils v0.0.0-20230505201702-9f6742963106/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= -sigs.k8s.io/controller-runtime v0.14.6 h1:oxstGVvXGNnMvY7TAESYk+lzr6S3V5VFxQ6d92KcwQA= -sigs.k8s.io/controller-runtime v0.14.6/go.mod h1:WqIdsAY6JBsjfc/CqO0CORmNtoCtE4S6qbPc9s68h+0= -sigs.k8s.io/controller-tools v0.11.3 h1:T1xzLkog9saiyQSLz1XOImu4OcbdXWytc5cmYsBeBiE= -sigs.k8s.io/controller-tools v0.11.3/go.mod h1:qcfX7jfcfYD/b7lAhvqAyTbt/px4GpvN88WKLFFv7p8= -sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2 h1:iXTIw73aPyC+oRdyqqvVJuloN1p0AC/kzH07hu3NE+k= -sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= +sigs.k8s.io/controller-runtime v0.15.0 h1:ML+5Adt3qZnMSYxZ7gAverBLNPSMQEibtzAgp0UPojU= +sigs.k8s.io/controller-runtime v0.15.0/go.mod h1:7ngYvp1MLT+9GeZ+6lH3LOlcHkp/+tzA/fmHa4iq9kk= +sigs.k8s.io/controller-tools v0.12.1 h1:GyQqxzH5wksa4n3YDIJdJJOopztR5VDM+7qsyg5yE4U= +sigs.k8s.io/controller-tools v0.12.1/go.mod h1:rXlpTfFHZMpZA8aGq9ejArgZiieHd+fkk/fTatY8A2M= +sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= +sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= sigs.k8s.io/structured-merge-diff/v4 v4.2.3 h1:PRbqxJClWWYMNV1dhaG4NsibJbArud9kFxnAMREiWFE= sigs.k8s.io/structured-merge-diff/v4 v4.2.3/go.mod h1:qjx8mGObPmV2aSZepjQjbmb2ihdVs8cGKBraizNC69E= sigs.k8s.io/yaml v1.3.0 h1:a2VclLzOGrwOHDiV8EfBGhvjHvP46CtW5j6POvhYGGo= diff --git a/internal/controller/administrativeunits/member/zz_controller.go b/internal/controller/administrativeunits/member/zz_controller.go index 5ed66761..2a62d3e1 100755 --- a/internal/controller/administrativeunits/member/zz_controller.go +++ b/internal/controller/administrativeunits/member/zz_controller.go @@ -30,9 +30,10 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { if o.SecretStoreConfigGVK != nil { cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1beta1.Member_GroupVersionKind), tjcontroller.WithEventHandler(o.EventHandler)) opts := []managed.ReconcilerOption{ - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["azuread_administrative_unit_member"], tjcontroller.WithLogger(o.Logger), - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1beta1.Member_GroupVersionKind))), + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["azuread_administrative_unit_member"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(o.EventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), @@ -50,6 +51,7 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1beta1.Member{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1beta1.Member{}, o.EventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/administrativeunits/unit/zz_controller.go b/internal/controller/administrativeunits/unit/zz_controller.go index 73fdf754..a6318c14 100755 --- a/internal/controller/administrativeunits/unit/zz_controller.go +++ b/internal/controller/administrativeunits/unit/zz_controller.go @@ -30,9 +30,10 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { if o.SecretStoreConfigGVK != nil { cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1beta1.Unit_GroupVersionKind), tjcontroller.WithEventHandler(o.EventHandler)) opts := []managed.ReconcilerOption{ - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["azuread_administrative_unit"], tjcontroller.WithLogger(o.Logger), - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1beta1.Unit_GroupVersionKind))), + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["azuread_administrative_unit"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(o.EventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), @@ -50,6 +51,7 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1beta1.Unit{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1beta1.Unit{}, o.EventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/app/roleassignment/zz_controller.go b/internal/controller/app/roleassignment/zz_controller.go index 6ca02dc8..18d95a04 100755 --- a/internal/controller/app/roleassignment/zz_controller.go +++ b/internal/controller/app/roleassignment/zz_controller.go @@ -30,9 +30,10 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { if o.SecretStoreConfigGVK != nil { cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1beta1.RoleAssignment_GroupVersionKind), tjcontroller.WithEventHandler(o.EventHandler)) opts := []managed.ReconcilerOption{ - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["azuread_app_role_assignment"], tjcontroller.WithLogger(o.Logger), - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1beta1.RoleAssignment_GroupVersionKind))), + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["azuread_app_role_assignment"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(o.EventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), @@ -50,6 +51,7 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1beta1.RoleAssignment{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1beta1.RoleAssignment{}, o.EventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/applications/application/zz_controller.go b/internal/controller/applications/application/zz_controller.go index b5175d4e..c75c5567 100755 --- a/internal/controller/applications/application/zz_controller.go +++ b/internal/controller/applications/application/zz_controller.go @@ -30,9 +30,10 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { if o.SecretStoreConfigGVK != nil { cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1beta1.Application_GroupVersionKind), tjcontroller.WithEventHandler(o.EventHandler)) opts := []managed.ReconcilerOption{ - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["azuread_application"], tjcontroller.WithLogger(o.Logger), - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1beta1.Application_GroupVersionKind))), + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["azuread_application"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(o.EventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), @@ -50,6 +51,7 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1beta1.Application{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1beta1.Application{}, o.EventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/applications/certificate/zz_controller.go b/internal/controller/applications/certificate/zz_controller.go index 5c2aca88..d1abd007 100755 --- a/internal/controller/applications/certificate/zz_controller.go +++ b/internal/controller/applications/certificate/zz_controller.go @@ -30,9 +30,10 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { if o.SecretStoreConfigGVK != nil { cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1beta1.Certificate_GroupVersionKind), tjcontroller.WithEventHandler(o.EventHandler)) opts := []managed.ReconcilerOption{ - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["azuread_application_certificate"], tjcontroller.WithLogger(o.Logger), - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1beta1.Certificate_GroupVersionKind))), + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["azuread_application_certificate"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(o.EventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), @@ -50,6 +51,7 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1beta1.Certificate{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1beta1.Certificate{}, o.EventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/applications/federatedidentitycredential/zz_controller.go b/internal/controller/applications/federatedidentitycredential/zz_controller.go index 195f8f80..450e9a69 100755 --- a/internal/controller/applications/federatedidentitycredential/zz_controller.go +++ b/internal/controller/applications/federatedidentitycredential/zz_controller.go @@ -30,9 +30,10 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { if o.SecretStoreConfigGVK != nil { cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1beta1.FederatedIdentityCredential_GroupVersionKind), tjcontroller.WithEventHandler(o.EventHandler)) opts := []managed.ReconcilerOption{ - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["azuread_application_federated_identity_credential"], tjcontroller.WithLogger(o.Logger), - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1beta1.FederatedIdentityCredential_GroupVersionKind))), + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["azuread_application_federated_identity_credential"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(o.EventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), @@ -50,6 +51,7 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1beta1.FederatedIdentityCredential{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1beta1.FederatedIdentityCredential{}, o.EventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/applications/password/zz_controller.go b/internal/controller/applications/password/zz_controller.go index cc0ac739..a3a6aad0 100755 --- a/internal/controller/applications/password/zz_controller.go +++ b/internal/controller/applications/password/zz_controller.go @@ -30,9 +30,10 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { if o.SecretStoreConfigGVK != nil { cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1beta1.Password_GroupVersionKind), tjcontroller.WithEventHandler(o.EventHandler)) opts := []managed.ReconcilerOption{ - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["azuread_application_password"], tjcontroller.WithLogger(o.Logger), - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1beta1.Password_GroupVersionKind))), + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["azuread_application_password"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(o.EventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), @@ -50,6 +51,7 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1beta1.Password{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1beta1.Password{}, o.EventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/applications/preauthorized/zz_controller.go b/internal/controller/applications/preauthorized/zz_controller.go index 1a995eda..22f4f3f4 100755 --- a/internal/controller/applications/preauthorized/zz_controller.go +++ b/internal/controller/applications/preauthorized/zz_controller.go @@ -30,9 +30,10 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { if o.SecretStoreConfigGVK != nil { cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1beta1.PreAuthorized_GroupVersionKind), tjcontroller.WithEventHandler(o.EventHandler)) opts := []managed.ReconcilerOption{ - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["azuread_application_pre_authorized"], tjcontroller.WithLogger(o.Logger), - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1beta1.PreAuthorized_GroupVersionKind))), + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["azuread_application_pre_authorized"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(o.EventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), @@ -50,6 +51,7 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1beta1.PreAuthorized{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1beta1.PreAuthorized{}, o.EventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/conditionalaccess/accesspolicy/zz_controller.go b/internal/controller/conditionalaccess/accesspolicy/zz_controller.go index 85fe38ac..dd2e3997 100755 --- a/internal/controller/conditionalaccess/accesspolicy/zz_controller.go +++ b/internal/controller/conditionalaccess/accesspolicy/zz_controller.go @@ -30,9 +30,10 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { if o.SecretStoreConfigGVK != nil { cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1beta1.AccessPolicy_GroupVersionKind), tjcontroller.WithEventHandler(o.EventHandler)) opts := []managed.ReconcilerOption{ - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["azuread_conditional_access_policy"], tjcontroller.WithLogger(o.Logger), - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1beta1.AccessPolicy_GroupVersionKind))), + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["azuread_conditional_access_policy"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(o.EventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), @@ -50,6 +51,7 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1beta1.AccessPolicy{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1beta1.AccessPolicy{}, o.EventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/conditionalaccess/location/zz_controller.go b/internal/controller/conditionalaccess/location/zz_controller.go index 42ec4bff..b256abfa 100755 --- a/internal/controller/conditionalaccess/location/zz_controller.go +++ b/internal/controller/conditionalaccess/location/zz_controller.go @@ -30,9 +30,10 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { if o.SecretStoreConfigGVK != nil { cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1beta1.Location_GroupVersionKind), tjcontroller.WithEventHandler(o.EventHandler)) opts := []managed.ReconcilerOption{ - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["azuread_named_location"], tjcontroller.WithLogger(o.Logger), - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1beta1.Location_GroupVersionKind))), + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["azuread_named_location"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(o.EventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), @@ -50,6 +51,7 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1beta1.Location{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1beta1.Location{}, o.EventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/directoryroles/customdirectoryrole/zz_controller.go b/internal/controller/directoryroles/customdirectoryrole/zz_controller.go index 1f54b70a..f110bc2a 100755 --- a/internal/controller/directoryroles/customdirectoryrole/zz_controller.go +++ b/internal/controller/directoryroles/customdirectoryrole/zz_controller.go @@ -30,9 +30,10 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { if o.SecretStoreConfigGVK != nil { cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1beta1.CustomDirectoryRole_GroupVersionKind), tjcontroller.WithEventHandler(o.EventHandler)) opts := []managed.ReconcilerOption{ - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["azuread_custom_directory_role"], tjcontroller.WithLogger(o.Logger), - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1beta1.CustomDirectoryRole_GroupVersionKind))), + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["azuread_custom_directory_role"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(o.EventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), @@ -50,6 +51,7 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1beta1.CustomDirectoryRole{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1beta1.CustomDirectoryRole{}, o.EventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/directoryroles/role/zz_controller.go b/internal/controller/directoryroles/role/zz_controller.go index 6d73ed0f..bab34fc4 100755 --- a/internal/controller/directoryroles/role/zz_controller.go +++ b/internal/controller/directoryroles/role/zz_controller.go @@ -30,9 +30,10 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { if o.SecretStoreConfigGVK != nil { cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1beta1.Role_GroupVersionKind), tjcontroller.WithEventHandler(o.EventHandler)) opts := []managed.ReconcilerOption{ - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["azuread_directory_role"], tjcontroller.WithLogger(o.Logger), - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1beta1.Role_GroupVersionKind))), + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["azuread_directory_role"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(o.EventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), @@ -50,6 +51,7 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1beta1.Role{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1beta1.Role{}, o.EventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/directoryroles/roleassignment/zz_controller.go b/internal/controller/directoryroles/roleassignment/zz_controller.go index a3d08da8..98cabb85 100755 --- a/internal/controller/directoryroles/roleassignment/zz_controller.go +++ b/internal/controller/directoryroles/roleassignment/zz_controller.go @@ -30,9 +30,10 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { if o.SecretStoreConfigGVK != nil { cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1beta1.RoleAssignment_GroupVersionKind), tjcontroller.WithEventHandler(o.EventHandler)) opts := []managed.ReconcilerOption{ - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["azuread_directory_role_assignment"], tjcontroller.WithLogger(o.Logger), - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1beta1.RoleAssignment_GroupVersionKind))), + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["azuread_directory_role_assignment"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(o.EventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), @@ -50,6 +51,7 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1beta1.RoleAssignment{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1beta1.RoleAssignment{}, o.EventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/groups/group/zz_controller.go b/internal/controller/groups/group/zz_controller.go index d458d24a..baa28da6 100755 --- a/internal/controller/groups/group/zz_controller.go +++ b/internal/controller/groups/group/zz_controller.go @@ -30,9 +30,10 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { if o.SecretStoreConfigGVK != nil { cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1beta1.Group_GroupVersionKind), tjcontroller.WithEventHandler(o.EventHandler)) opts := []managed.ReconcilerOption{ - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["azuread_group"], tjcontroller.WithLogger(o.Logger), - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1beta1.Group_GroupVersionKind))), + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["azuread_group"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(o.EventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), @@ -50,6 +51,7 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1beta1.Group{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1beta1.Group{}, o.EventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/groups/member/zz_controller.go b/internal/controller/groups/member/zz_controller.go index 5e8fd846..da805f03 100755 --- a/internal/controller/groups/member/zz_controller.go +++ b/internal/controller/groups/member/zz_controller.go @@ -30,9 +30,10 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { if o.SecretStoreConfigGVK != nil { cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1beta1.Member_GroupVersionKind), tjcontroller.WithEventHandler(o.EventHandler)) opts := []managed.ReconcilerOption{ - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["azuread_group_member"], tjcontroller.WithLogger(o.Logger), - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1beta1.Member_GroupVersionKind))), + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["azuread_group_member"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(o.EventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), @@ -50,6 +51,7 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1beta1.Member{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1beta1.Member{}, o.EventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/invitations/invitation/zz_controller.go b/internal/controller/invitations/invitation/zz_controller.go index 1adcb246..2b8c9878 100755 --- a/internal/controller/invitations/invitation/zz_controller.go +++ b/internal/controller/invitations/invitation/zz_controller.go @@ -30,9 +30,10 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { if o.SecretStoreConfigGVK != nil { cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1beta1.Invitation_GroupVersionKind), tjcontroller.WithEventHandler(o.EventHandler)) opts := []managed.ReconcilerOption{ - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["azuread_invitation"], tjcontroller.WithLogger(o.Logger), - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1beta1.Invitation_GroupVersionKind))), + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["azuread_invitation"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(o.EventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), @@ -50,6 +51,7 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1beta1.Invitation{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1beta1.Invitation{}, o.EventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/policies/claimsmappingpolicy/zz_controller.go b/internal/controller/policies/claimsmappingpolicy/zz_controller.go index 2c39df7a..1adcad29 100755 --- a/internal/controller/policies/claimsmappingpolicy/zz_controller.go +++ b/internal/controller/policies/claimsmappingpolicy/zz_controller.go @@ -30,9 +30,10 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { if o.SecretStoreConfigGVK != nil { cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1beta1.ClaimsMappingPolicy_GroupVersionKind), tjcontroller.WithEventHandler(o.EventHandler)) opts := []managed.ReconcilerOption{ - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["azuread_claims_mapping_policy"], tjcontroller.WithLogger(o.Logger), - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1beta1.ClaimsMappingPolicy_GroupVersionKind))), + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["azuread_claims_mapping_policy"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(o.EventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), @@ -50,6 +51,7 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1beta1.ClaimsMappingPolicy{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1beta1.ClaimsMappingPolicy{}, o.EventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/serviceprincipaldelegated/permissiongrant/zz_controller.go b/internal/controller/serviceprincipaldelegated/permissiongrant/zz_controller.go index cebbe2be..ef9182a6 100755 --- a/internal/controller/serviceprincipaldelegated/permissiongrant/zz_controller.go +++ b/internal/controller/serviceprincipaldelegated/permissiongrant/zz_controller.go @@ -30,9 +30,10 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { if o.SecretStoreConfigGVK != nil { cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1beta1.PermissionGrant_GroupVersionKind), tjcontroller.WithEventHandler(o.EventHandler)) opts := []managed.ReconcilerOption{ - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["azuread_service_principal_delegated_permission_grant"], tjcontroller.WithLogger(o.Logger), - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1beta1.PermissionGrant_GroupVersionKind))), + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["azuread_service_principal_delegated_permission_grant"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(o.EventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), @@ -50,6 +51,7 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1beta1.PermissionGrant{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1beta1.PermissionGrant{}, o.EventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/serviceprincipals/certificate/zz_controller.go b/internal/controller/serviceprincipals/certificate/zz_controller.go index 354f3282..a62c8b6d 100755 --- a/internal/controller/serviceprincipals/certificate/zz_controller.go +++ b/internal/controller/serviceprincipals/certificate/zz_controller.go @@ -30,9 +30,10 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { if o.SecretStoreConfigGVK != nil { cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1beta1.Certificate_GroupVersionKind), tjcontroller.WithEventHandler(o.EventHandler)) opts := []managed.ReconcilerOption{ - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["azuread_service_principal_certificate"], tjcontroller.WithLogger(o.Logger), - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1beta1.Certificate_GroupVersionKind))), + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["azuread_service_principal_certificate"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(o.EventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), @@ -50,6 +51,7 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1beta1.Certificate{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1beta1.Certificate{}, o.EventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/serviceprincipals/claimsmappingpolicyassignment/zz_controller.go b/internal/controller/serviceprincipals/claimsmappingpolicyassignment/zz_controller.go index 1161d118..baf96c6e 100755 --- a/internal/controller/serviceprincipals/claimsmappingpolicyassignment/zz_controller.go +++ b/internal/controller/serviceprincipals/claimsmappingpolicyassignment/zz_controller.go @@ -30,9 +30,10 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { if o.SecretStoreConfigGVK != nil { cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1beta1.ClaimsMappingPolicyAssignment_GroupVersionKind), tjcontroller.WithEventHandler(o.EventHandler)) opts := []managed.ReconcilerOption{ - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["azuread_service_principal_claims_mapping_policy_assignment"], tjcontroller.WithLogger(o.Logger), - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1beta1.ClaimsMappingPolicyAssignment_GroupVersionKind))), + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["azuread_service_principal_claims_mapping_policy_assignment"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(o.EventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), @@ -50,6 +51,7 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1beta1.ClaimsMappingPolicyAssignment{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1beta1.ClaimsMappingPolicyAssignment{}, o.EventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/serviceprincipals/password/zz_controller.go b/internal/controller/serviceprincipals/password/zz_controller.go index b7153e5a..6414dd39 100755 --- a/internal/controller/serviceprincipals/password/zz_controller.go +++ b/internal/controller/serviceprincipals/password/zz_controller.go @@ -30,9 +30,10 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { if o.SecretStoreConfigGVK != nil { cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1beta1.Password_GroupVersionKind), tjcontroller.WithEventHandler(o.EventHandler)) opts := []managed.ReconcilerOption{ - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["azuread_service_principal_password"], tjcontroller.WithLogger(o.Logger), - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1beta1.Password_GroupVersionKind))), + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["azuread_service_principal_password"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(o.EventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), @@ -50,6 +51,7 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1beta1.Password{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1beta1.Password{}, o.EventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/serviceprincipals/principal/zz_controller.go b/internal/controller/serviceprincipals/principal/zz_controller.go index 45955300..dc0a8298 100755 --- a/internal/controller/serviceprincipals/principal/zz_controller.go +++ b/internal/controller/serviceprincipals/principal/zz_controller.go @@ -30,9 +30,10 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { if o.SecretStoreConfigGVK != nil { cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1beta1.Principal_GroupVersionKind), tjcontroller.WithEventHandler(o.EventHandler)) opts := []managed.ReconcilerOption{ - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["azuread_service_principal"], tjcontroller.WithLogger(o.Logger), - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1beta1.Principal_GroupVersionKind))), + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["azuread_service_principal"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(o.EventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), @@ -50,6 +51,7 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1beta1.Principal{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1beta1.Principal{}, o.EventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/serviceprincipals/tokensigningcertificate/zz_controller.go b/internal/controller/serviceprincipals/tokensigningcertificate/zz_controller.go index 06953b99..ff5ab5f1 100755 --- a/internal/controller/serviceprincipals/tokensigningcertificate/zz_controller.go +++ b/internal/controller/serviceprincipals/tokensigningcertificate/zz_controller.go @@ -30,9 +30,10 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { if o.SecretStoreConfigGVK != nil { cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1beta1.TokenSigningCertificate_GroupVersionKind), tjcontroller.WithEventHandler(o.EventHandler)) opts := []managed.ReconcilerOption{ - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["azuread_service_principal_token_signing_certificate"], tjcontroller.WithLogger(o.Logger), - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1beta1.TokenSigningCertificate_GroupVersionKind))), + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["azuread_service_principal_token_signing_certificate"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(o.EventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), @@ -50,6 +51,7 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1beta1.TokenSigningCertificate{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1beta1.TokenSigningCertificate{}, o.EventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/synchronization/job/zz_controller.go b/internal/controller/synchronization/job/zz_controller.go index 96e7fb1d..4fbd1847 100755 --- a/internal/controller/synchronization/job/zz_controller.go +++ b/internal/controller/synchronization/job/zz_controller.go @@ -30,9 +30,10 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { if o.SecretStoreConfigGVK != nil { cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1beta1.Job_GroupVersionKind), tjcontroller.WithEventHandler(o.EventHandler)) opts := []managed.ReconcilerOption{ - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["azuread_synchronization_job"], tjcontroller.WithLogger(o.Logger), - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1beta1.Job_GroupVersionKind))), + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["azuread_synchronization_job"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(o.EventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), @@ -50,6 +51,7 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1beta1.Job{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1beta1.Job{}, o.EventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/synchronization/secret/zz_controller.go b/internal/controller/synchronization/secret/zz_controller.go index 0683da42..40b8d18d 100755 --- a/internal/controller/synchronization/secret/zz_controller.go +++ b/internal/controller/synchronization/secret/zz_controller.go @@ -30,9 +30,10 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { if o.SecretStoreConfigGVK != nil { cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1beta1.Secret_GroupVersionKind), tjcontroller.WithEventHandler(o.EventHandler)) opts := []managed.ReconcilerOption{ - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["azuread_synchronization_secret"], tjcontroller.WithLogger(o.Logger), - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1beta1.Secret_GroupVersionKind))), + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["azuread_synchronization_secret"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(o.EventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), @@ -50,6 +51,7 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1beta1.Secret{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1beta1.Secret{}, o.EventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/internal/controller/users/user/zz_controller.go b/internal/controller/users/user/zz_controller.go index 46834414..abfa8b69 100755 --- a/internal/controller/users/user/zz_controller.go +++ b/internal/controller/users/user/zz_controller.go @@ -30,9 +30,10 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { if o.SecretStoreConfigGVK != nil { cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK, connection.WithTLSConfig(o.ESSOptions.TLSConfig))) } + ac := tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1beta1.User_GroupVersionKind), tjcontroller.WithEventHandler(o.EventHandler)) opts := []managed.ReconcilerOption{ - managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["azuread_user"], tjcontroller.WithLogger(o.Logger), - tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1beta1.User_GroupVersionKind))), + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["azuread_user"], tjcontroller.WithLogger(o.Logger), tjcontroller.WithConnectorEventHandler(o.EventHandler), + tjcontroller.WithCallbackProvider(ac), )), managed.WithLogger(o.Logger.WithValues("controller", name)), managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), @@ -50,6 +51,7 @@ func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { return ctrl.NewControllerManagedBy(mgr). Named(name). WithOptions(o.ForControllerRuntime()). - For(&v1beta1.User{}). + WithEventFilter(xpresource.DesiredStateChanged()). + Watches(&v1beta1.User{}, o.EventHandler). Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) } diff --git a/package/crds/administrativeunits.azuread.upbound.io_members.yaml b/package/crds/administrativeunits.azuread.upbound.io_members.yaml index 0039bcb8..ce958b5a 100644 --- a/package/crds/administrativeunits.azuread.upbound.io_members.yaml +++ b/package/crds/administrativeunits.azuread.upbound.io_members.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.11.3 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.12.1 name: members.administrativeunits.azuread.upbound.io spec: group: administrativeunits.azuread.upbound.io @@ -57,7 +56,7 @@ spec: description: 'DeletionPolicy specifies what will happen to the underlying external when this managed resource is deleted - either "Delete" or "Orphan" the external resource. This field is planned to be deprecated - in favor of the ManagementPolicy field in a future release. Currently, + in favor of the ManagementPolicies field in a future release. Currently, both could be set independently and non-default values would be honored if the feature flag is enabled. See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223' @@ -151,21 +150,51 @@ spec: a new resource to be created. The object ID of the member type: string type: object - managementPolicy: - default: FullControl + initProvider: + description: THIS IS AN ALPHA FIELD. Do not use it in production. + It is not honored unless the relevant Crossplane feature flag is + enabled, and may be changed or removed without notice. InitProvider + holds the same fields as ForProvider, with the exception of Identifier + and other resource reference fields. The fields that are in InitProvider + are merged into ForProvider when the resource is created. The same + fields are also added to the terraform ignore_changes hook, to avoid + updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after + creation, for example because of an external controller is managing + them, like an autoscaler. + properties: + memberObjectId: + description: The object ID of the user or group you want to add + as a member of the administrative unit. Changing this forces + a new resource to be created. The object ID of the member + type: string + type: object + managementPolicies: + default: + - '*' description: 'THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored unless the relevant Crossplane feature flag is - enabled, and may be changed or removed without notice. ManagementPolicy - specifies the level of control Crossplane has over the managed external - resource. This field is planned to replace the DeletionPolicy field - in a future release. Currently, both could be set independently - and non-default values would be honored if the feature flag is enabled. - See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223' - enum: - - FullControl - - ObserveOnly - - OrphanOnDelete - type: string + enabled, and may be changed or removed without notice. ManagementPolicies + specify the array of actions Crossplane is allowed to take on the + managed and external resources. This field is planned to replace + the DeletionPolicy field in a future release. Currently, both could + be set independently and non-default values would be honored if + the feature flag is enabled. If both are custom, the DeletionPolicy + field will be ignored. See the design doc for more information: + https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md' + items: + description: A ManagementAction represents an action that the Crossplane + controllers can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array providerConfigRef: default: name: default diff --git a/package/crds/administrativeunits.azuread.upbound.io_units.yaml b/package/crds/administrativeunits.azuread.upbound.io_units.yaml index 4f6ae314..ac3afc72 100644 --- a/package/crds/administrativeunits.azuread.upbound.io_units.yaml +++ b/package/crds/administrativeunits.azuread.upbound.io_units.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.11.3 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.12.1 name: units.administrativeunits.azuread.upbound.io spec: group: administrativeunits.azuread.upbound.io @@ -57,7 +56,7 @@ spec: description: 'DeletionPolicy specifies what will happen to the underlying external when this managed resource is deleted - either "Delete" or "Orphan" the external resource. This field is planned to be deprecated - in favor of the ManagementPolicy field in a future release. Currently, + in favor of the ManagementPolicies field in a future release. Currently, both could be set independently and non-default values would be honored if the feature flag is enabled. See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223' @@ -93,21 +92,71 @@ spec: unit is found with the same name type: boolean type: object - managementPolicy: - default: FullControl + initProvider: + description: THIS IS AN ALPHA FIELD. Do not use it in production. + It is not honored unless the relevant Crossplane feature flag is + enabled, and may be changed or removed without notice. InitProvider + holds the same fields as ForProvider, with the exception of Identifier + and other resource reference fields. The fields that are in InitProvider + are merged into ForProvider when the resource is created. The same + fields are also added to the terraform ignore_changes hook, to avoid + updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after + creation, for example because of an external controller is managing + them, like an autoscaler. + properties: + description: + description: The description of the administrative unit. The description + for the administrative unit + type: string + displayName: + description: The display name of the administrative unit. The + display name for the administrative unit + type: string + hiddenMembershipEnabled: + description: Whether the administrative unit and its members are + hidden or publicly viewable in the directory + type: boolean + members: + description: A set of object IDs of members who should be present + in this administrative unit. Supported object types are Users + or Groups. A set of object IDs of members who should be present + in this administrative unit. Supported object types are Users + or Groups + items: + type: string + type: array + preventDuplicateNames: + description: If `true`, will return an error if an existing administrative + unit is found with the same name + type: boolean + type: object + managementPolicies: + default: + - '*' description: 'THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored unless the relevant Crossplane feature flag is - enabled, and may be changed or removed without notice. ManagementPolicy - specifies the level of control Crossplane has over the managed external - resource. This field is planned to replace the DeletionPolicy field - in a future release. Currently, both could be set independently - and non-default values would be honored if the feature flag is enabled. - See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223' - enum: - - FullControl - - ObserveOnly - - OrphanOnDelete - type: string + enabled, and may be changed or removed without notice. ManagementPolicies + specify the array of actions Crossplane is allowed to take on the + managed and external resources. This field is planned to replace + the DeletionPolicy field in a future release. Currently, both could + be set independently and non-default values would be honored if + the feature flag is enabled. If both are custom, the DeletionPolicy + field will be ignored. See the design doc for more information: + https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md' + items: + description: A ManagementAction represents an action that the Crossplane + controllers can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array providerConfigRef: default: name: default @@ -281,7 +330,9 @@ spec: type: object x-kubernetes-validations: - message: displayName is a required parameter - rule: self.managementPolicy == 'ObserveOnly' || has(self.forProvider.displayName) + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.displayName) + || has(self.initProvider.displayName)' status: description: UnitStatus defines the observed state of Unit. properties: diff --git a/package/crds/app.azuread.upbound.io_roleassignments.yaml b/package/crds/app.azuread.upbound.io_roleassignments.yaml index 64d3c1dd..9ea2a162 100644 --- a/package/crds/app.azuread.upbound.io_roleassignments.yaml +++ b/package/crds/app.azuread.upbound.io_roleassignments.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.11.3 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.12.1 name: roleassignments.app.azuread.upbound.io spec: group: app.azuread.upbound.io @@ -57,7 +56,7 @@ spec: description: 'DeletionPolicy specifies what will happen to the underlying external when this managed resource is deleted - either "Delete" or "Orphan" the external resource. This field is planned to be deprecated - in favor of the ManagementPolicy field in a future release. Currently, + in favor of the ManagementPolicies field in a future release. Currently, both could be set independently and non-default values would be honored if the feature flag is enabled. See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223' @@ -236,21 +235,52 @@ spec: type: object type: object type: object - managementPolicy: - default: FullControl + initProvider: + description: THIS IS AN ALPHA FIELD. Do not use it in production. + It is not honored unless the relevant Crossplane feature flag is + enabled, and may be changed or removed without notice. InitProvider + holds the same fields as ForProvider, with the exception of Identifier + and other resource reference fields. The fields that are in InitProvider + are merged into ForProvider when the resource is created. The same + fields are also added to the terraform ignore_changes hook, to avoid + updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after + creation, for example because of an external controller is managing + them, like an autoscaler. + properties: + appRoleId: + description: The ID of the app role to be assigned, or the default + role ID 00000000-0000-0000-0000-000000000000. Changing this + forces a new resource to be created. The ID of the app role + to be assigned + type: string + type: object + managementPolicies: + default: + - '*' description: 'THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored unless the relevant Crossplane feature flag is - enabled, and may be changed or removed without notice. ManagementPolicy - specifies the level of control Crossplane has over the managed external - resource. This field is planned to replace the DeletionPolicy field - in a future release. Currently, both could be set independently - and non-default values would be honored if the feature flag is enabled. - See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223' - enum: - - FullControl - - ObserveOnly - - OrphanOnDelete - type: string + enabled, and may be changed or removed without notice. ManagementPolicies + specify the array of actions Crossplane is allowed to take on the + managed and external resources. This field is planned to replace + the DeletionPolicy field in a future release. Currently, both could + be set independently and non-default values would be honored if + the feature flag is enabled. If both are custom, the DeletionPolicy + field will be ignored. See the design doc for more information: + https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md' + items: + description: A ManagementAction represents an action that the Crossplane + controllers can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array providerConfigRef: default: name: default @@ -424,7 +454,9 @@ spec: type: object x-kubernetes-validations: - message: appRoleId is a required parameter - rule: self.managementPolicy == 'ObserveOnly' || has(self.forProvider.appRoleId) + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.appRoleId) + || has(self.initProvider.appRoleId)' status: description: RoleAssignmentStatus defines the observed state of RoleAssignment. properties: diff --git a/package/crds/applications.azuread.upbound.io_applications.yaml b/package/crds/applications.azuread.upbound.io_applications.yaml index 86d25714..39990533 100644 --- a/package/crds/applications.azuread.upbound.io_applications.yaml +++ b/package/crds/applications.azuread.upbound.io_applications.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.11.3 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.12.1 name: applications.applications.azuread.upbound.io spec: group: applications.azuread.upbound.io @@ -57,7 +56,7 @@ spec: description: 'DeletionPolicy specifies what will happen to the underlying external when this managed resource is deleted - either "Delete" or "Orphan" the external resource. This field is planned to be deprecated - in favor of the ManagementPolicy field in a future release. Currently, + in favor of the ManagementPolicies field in a future release. Currently, both could be set independently and non-default values would be honored if the feature flag is enabled. See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223' @@ -154,8 +153,6 @@ spec: in OAuth 2.0 access tokens. The value that is used for the `scp` claim in OAuth 2.0 access tokens type: string - required: - - id type: object type: array requestedAccessTokenVersion: @@ -216,11 +213,6 @@ spec: access tokens that are authenticating an assigned service or user principal type: string - required: - - allowedMemberTypes - - description - - displayName - - id type: object type: array description: @@ -360,8 +352,6 @@ spec: of `name` is the extension property from the user object type: string - required: - - name type: object type: array idToken: @@ -398,8 +388,6 @@ spec: of `name` is the extension property from the user object type: string - required: - - name type: object type: array saml2Token: @@ -437,8 +425,6 @@ spec: of `name` is the extension property from the user object type: string - required: - - name type: object type: array type: object @@ -502,9 +488,6 @@ spec: an app role or an OAuth2 permission scope. Possible values are Role or Scope. type: string - required: - - id - - type type: object type: array resourceAppId: @@ -512,9 +495,6 @@ spec: the application requires access to. This should be the Application ID of the target application. type: string - required: - - resourceAccess - - resourceAppId type: object type: array serviceManagementReference: @@ -618,21 +598,577 @@ spec: type: object type: array type: object - managementPolicy: - default: FullControl + initProvider: + description: THIS IS AN ALPHA FIELD. Do not use it in production. + It is not honored unless the relevant Crossplane feature flag is + enabled, and may be changed or removed without notice. InitProvider + holds the same fields as ForProvider, with the exception of Identifier + and other resource reference fields. The fields that are in InitProvider + are merged into ForProvider when the resource is created. The same + fields are also added to the terraform ignore_changes hook, to avoid + updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after + creation, for example because of an external controller is managing + them, like an autoscaler. + properties: + api: + description: An api block as documented below, which configures + API related settings for this application. + items: + properties: + knownClientApplications: + description: 'A set of application IDs (client IDs), used + for bundling consent if you have a solution that contains + two parts: a client app and a custom web API app. Used + for bundling consent if you have a solution that contains + two parts: a client app and a custom web API app' + items: + type: string + type: array + mappedClaimsEnabled: + description: Allows an application to use claims mapping + without specifying a custom signing key. Defaults to false. + Allows an application to use claims mapping without specifying + a custom signing key + type: boolean + oauth2PermissionScope: + description: One or more oauth2_permission_scope blocks + as documented below, to describe delegated permissions + exposed by the web API represented by this application. + One or more `oauth2_permission_scope` blocks to describe + delegated permissions exposed by the web API represented + by this application + items: + properties: + adminConsentDescription: + description: Delegated permission description that + appears in all tenant-wide admin consent experiences, + intended to be read by an administrator granting + the permission on behalf of all users. Delegated + permission description that appears in all tenant-wide + admin consent experiences, intended to be read by + an administrator granting the permission on behalf + of all users + type: string + adminConsentDisplayName: + description: Display name for the delegated permission, + intended to be read by an administrator granting + the permission on behalf of all users. Display name + for the delegated permission, intended to be read + by an administrator granting the permission on behalf + of all users + type: string + enabled: + description: Determines if the permission scope is + enabled. Defaults to true. Determines if the permission + scope is enabled + type: boolean + id: + description: The unique identifier of the delegated + permission. Must be a valid UUID. The unique identifier + of the delegated permission + type: string + type: + description: Whether this delegated permission should + be considered safe for non-admin users to consent + to on behalf of themselves, or whether an administrator + should be required for consent to the permissions. + Defaults to User. Possible values are User or Admin. + Whether this delegated permission should be considered + safe for non-admin users to consent to on behalf + of themselves, or whether an administrator should + be required for consent to the permissions + type: string + userConsentDescription: + description: Delegated permission description that + appears in the end user consent experience, intended + to be read by a user consenting on their own behalf. + Delegated permission description that appears in + the end user consent experience, intended to be + read by a user consenting on their own behalf + type: string + userConsentDisplayName: + description: Display name for the delegated permission + that appears in the end user consent experience. + Display name for the delegated permission that appears + in the end user consent experience + type: string + value: + description: The value that is used for the scp claim + in OAuth 2.0 access tokens. The value that is used + for the `scp` claim in OAuth 2.0 access tokens + type: string + type: object + type: array + requestedAccessTokenVersion: + description: The access token version expected by this resource. + Must be one of 1 or 2, and must be 2 when sign_in_audience + is either AzureADandPersonalMicrosoftAccount or PersonalMicrosoftAccount + Defaults to 1. The access token version expected by this + resource + type: number + type: object + type: array + appRole: + description: A collection of app_role blocks as documented below. + For more information see official documentation on Application + Roles. + items: + properties: + allowedMemberTypes: + description: Specifies whether this app role definition + can be assigned to users and groups by setting to User, + or to other applications (that are accessing this application + in a standalone scenario) by setting to Application, or + to both. Specifies whether this app role definition can + be assigned to users and groups by setting to `User`, + or to other applications (that are accessing this application + in a standalone scenario) by setting to `Application`, + or to both + items: + type: string + type: array + description: + description: Description of the app role that appears when + the role is being assigned and, if the role functions + as an application permissions, during the consent experiences. + Description of the app role that appears when the role + is being assigned and, if the role functions as an application + permissions, during the consent experiences + type: string + displayName: + description: Display name for the app role that appears + during app role assignment and in consent experiences. + Display name for the app role that appears during app + role assignment and in consent experiences + type: string + enabled: + description: Determines if the app role is enabled. Defaults + to true. Determines if the app role is enabled + type: boolean + id: + description: The unique identifier of the app role. Must + be a valid UUID. The unique identifier of the app role + type: string + value: + description: The value that is used for the roles claim + in ID tokens and OAuth 2.0 access tokens that are authenticating + an assigned service or user principal. The value that + is used for the `roles` claim in ID tokens and OAuth 2.0 + access tokens that are authenticating an assigned service + or user principal + type: string + type: object + type: array + description: + description: A description of the application, as shown to end + users. Description of the application as shown to end users + type: string + deviceOnlyAuthEnabled: + description: Specifies whether this application supports device + authentication without a user. Defaults to false. Specifies + whether this application supports device authentication without + a user. + type: boolean + displayName: + description: The display name for the application. The display + name for the application + type: string + fallbackPublicClientEnabled: + description: Specifies whether the application is a public client. + Appropriate for apps using token grant flows that don't use + a redirect URI. Defaults to false. Specifies whether the application + is a public client. Appropriate for apps using token grant flows + that don't use a redirect URI + type: boolean + featureTags: + description: A feature_tags block as described below. Cannot be + used together with the tags property. Block of features to configure + for this application using tags + items: + properties: + customSingleSignOn: + description: Whether this application represents a custom + SAML application for linked service principals. Enabling + this will assign the WindowsAzureActiveDirectoryCustomSingleSignOnApplication + tag. Defaults to false. Whether this application represents + a custom SAML application for linked service principals + type: boolean + enterprise: + description: Whether this application represents an Enterprise + Application for linked service principals. Enabling this + will assign the WindowsAzureActiveDirectoryIntegratedApp + tag. Defaults to false. Whether this application represents + an Enterprise Application for linked service principals + type: boolean + gallery: + description: Whether this application represents a gallery + application for linked service principals. Enabling this + will assign the WindowsAzureActiveDirectoryGalleryApplicationNonPrimaryV1 + tag. Defaults to false. Whether this application represents + a gallery application for linked service principals + type: boolean + hide: + description: Whether this app is invisible to users in My + Apps and Office 365 Launcher. Enabling this will assign + the HideApp tag. Defaults to false. Whether this application + is invisible to users in My Apps and Office 365 Launcher + type: boolean + type: object + type: array + groupMembershipClaims: + description: Configures the groups claim issued in a user or OAuth + 2.0 access token that the app expects. Possible values are None, + SecurityGroup, DirectoryRole, ApplicationGroup or All. Configures + the `groups` claim issued in a user or OAuth 2.0 access token + that the app expects + items: + type: string + type: array + identifierUris: + description: A set of user-defined URI(s) that uniquely identify + an application within its Azure AD tenant, or within a verified + custom domain if the application is multi-tenant. The user-defined + URI(s) that uniquely identify an application within its Azure + AD tenant, or within a verified custom domain if the application + is multi-tenant + items: + type: string + type: array + logoImage: + description: A logo image to upload for the application, as a + raw base64-encoded string. The image should be in gif, jpeg + or png format. Note that once an image has been uploaded, it + is not possible to remove it without replacing it with another + image. Base64 encoded logo image in gif, png or jpeg format + type: string + marketingUrl: + description: URL of the application's marketing page. URL of the + application's marketing page + type: string + notes: + description: User-specified notes relevant for the management + of the application. User-specified notes relevant for the management + of the application + type: string + oauth2PostResponseRequired: + description: Specifies whether, as part of OAuth 2.0 token requests, + Azure AD allows POST requests, as opposed to GET requests. Defaults + to false, which specifies that only GET requests are allowed. + Specifies whether, as part of OAuth 2.0 token requests, Azure + AD allows POST requests, as opposed to GET requests. + type: boolean + optionalClaims: + description: An optional_claims block as documented below. + items: + properties: + accessToken: + description: One or more access_token blocks as documented + below. + items: + properties: + additionalProperties: + description: List of additional properties of the + claim. If a property exists in this list, it modifies + the behaviour of the optional claim. List of additional + properties of the claim. If a property exists in + this list, it modifies the behaviour of the optional + claim + items: + type: string + type: array + essential: + description: Whether the claim specified by the client + is necessary to ensure a smooth authorization experience. + Whether the claim specified by the client is necessary + to ensure a smooth authorization experience + type: boolean + name: + description: The name of the optional claim. The name + of the optional claim + type: string + source: + description: The source of the claim. If source is + absent, the claim is a predefined optional claim. + If source is user, the value of name is the extension + property from the user object. The source of the + claim. If `source` is absent, the claim is a predefined + optional claim. If `source` is `user`, the value + of `name` is the extension property from the user + object + type: string + type: object + type: array + idToken: + description: One or more id_token blocks as documented below. + items: + properties: + additionalProperties: + description: List of additional properties of the + claim. If a property exists in this list, it modifies + the behaviour of the optional claim. List of additional + properties of the claim. If a property exists in + this list, it modifies the behaviour of the optional + claim + items: + type: string + type: array + essential: + description: Whether the claim specified by the client + is necessary to ensure a smooth authorization experience. + Whether the claim specified by the client is necessary + to ensure a smooth authorization experience + type: boolean + name: + description: The name of the optional claim. The name + of the optional claim + type: string + source: + description: The source of the claim. If source is + absent, the claim is a predefined optional claim. + If source is user, the value of name is the extension + property from the user object. The source of the + claim. If `source` is absent, the claim is a predefined + optional claim. If `source` is `user`, the value + of `name` is the extension property from the user + object + type: string + type: object + type: array + saml2Token: + description: One or more saml2_token blocks as documented + below. + items: + properties: + additionalProperties: + description: List of additional properties of the + claim. If a property exists in this list, it modifies + the behaviour of the optional claim. List of additional + properties of the claim. If a property exists in + this list, it modifies the behaviour of the optional + claim + items: + type: string + type: array + essential: + description: Whether the claim specified by the client + is necessary to ensure a smooth authorization experience. + Whether the claim specified by the client is necessary + to ensure a smooth authorization experience + type: boolean + name: + description: The name of the optional claim. The name + of the optional claim + type: string + source: + description: The source of the claim. If source is + absent, the claim is a predefined optional claim. + If source is user, the value of name is the extension + property from the user object. The source of the + claim. If `source` is absent, the claim is a predefined + optional claim. If `source` is `user`, the value + of `name` is the extension property from the user + object + type: string + type: object + type: array + type: object + type: array + owners: + description: A set of object IDs of principals that will be granted + ownership of the application. Supported object types are users + or service principals. By default, no owners are assigned. A + list of object IDs of principals that will be granted ownership + of the application + items: + type: string + type: array + preventDuplicateNames: + description: If true, will return an error if an existing application + is found with the same name. Defaults to false. If `true`, will + return an error if an existing application is found with the + same name + type: boolean + privacyStatementUrl: + description: URL of the application's privacy statement. URL of + the application's privacy statement + type: string + publicClient: + description: A public_client block as documented below, which + configures non-web app or non-web API application settings, + for example mobile or other public clients such as an installed + application running on a desktop device. + items: + properties: + redirectUris: + description: A set of URLs where user tokens are sent for + sign-in, or the redirect URIs where OAuth 2.0 authorization + codes and access tokens are sent. Must be a valid https + or ms-appx-web URL. The URLs where user tokens are sent + for sign-in, or the redirect URIs where OAuth 2.0 authorization + codes and access tokens are sent + items: + type: string + type: array + type: object + type: array + requiredResourceAccess: + description: A collection of required_resource_access blocks as + documented below. + items: + properties: + resourceAccess: + description: A collection of resource_access blocks as documented + below, describing OAuth2.0 permission scopes and app roles + that the application requires from the specified resource. + items: + properties: + id: + description: The unique identifier for an app role + or OAuth2 permission scope published by the resource + application. + type: string + type: + description: Specifies whether the id property references + an app role or an OAuth2 permission scope. Possible + values are Role or Scope. + type: string + type: object + type: array + resourceAppId: + description: The unique identifier for the resource that + the application requires access to. This should be the + Application ID of the target application. + type: string + type: object + type: array + serviceManagementReference: + description: References application context information from a + Service or Asset Management database. References application + or service contact information from a Service or Asset Management + database + type: string + signInAudience: + description: The Microsoft account types that are supported for + the current application. Must be one of AzureADMyOrg, AzureADMultipleOrgs, + AzureADandPersonalMicrosoftAccount or PersonalMicrosoftAccount. + Defaults to AzureADMyOrg. The Microsoft account types that are + supported for the current application + type: string + singlePageApplication: + description: A single_page_application block as documented below, + which configures single-page application (SPA) related settings + for this application. + items: + properties: + redirectUris: + description: A set of URLs where user tokens are sent for + sign-in, or the redirect URIs where OAuth 2.0 authorization + codes and access tokens are sent. Must be a valid https + URL. The URLs where user tokens are sent for sign-in, + or the redirect URIs where OAuth 2.0 authorization codes + and access tokens are sent + items: + type: string + type: array + type: object + type: array + supportUrl: + description: URL of the application's support page. URL of the + application's support page + type: string + tags: + description: A set of tags to apply to the application for configuring + specific behaviours of the application and linked service principals. + Note that these are not provided for use by practitioners. Cannot + be used together with the feature_tags block. A set of tags + to apply to the application + items: + type: string + type: array + templateId: + description: Unique ID for a templated application in the Azure + AD App Gallery, from which to create the application. Changing + this forces a new resource to be created. Unique ID of the application + template from which this application is created + type: string + termsOfServiceUrl: + description: URL of the application's terms of service statement. + URL of the application's terms of service statement + type: string + web: + description: A web block as documented below, which configures + web related settings for this application. + items: + properties: + homepageUrl: + description: Home page or landing page of the application. + Home page or landing page of the application + type: string + implicitGrant: + description: An implicit_grant block as documented above. + items: + properties: + accessTokenIssuanceEnabled: + description: Whether this web application can request + an access token using OAuth 2.0 implicit flow. Whether + this web application can request an access token + using OAuth 2.0 implicit flow + type: boolean + idTokenIssuanceEnabled: + description: Whether this web application can request + an ID token using OAuth 2.0 implicit flow. Whether + this web application can request an ID token using + OAuth 2.0 implicit flow + type: boolean + type: object + type: array + logoutUrl: + description: The URL that will be used by Microsoft's authorization + service to sign out a user using front-channel, back-channel + or SAML logout protocols. The URL that will be used by + Microsoft's authorization service to sign out a user using + front-channel, back-channel or SAML logout protocols + type: string + redirectUris: + description: A set of URLs where user tokens are sent for + sign-in, or the redirect URIs where OAuth 2.0 authorization + codes and access tokens are sent. Must be a valid http + URL or a URN. The URLs where user tokens are sent for + sign-in, or the redirect URIs where OAuth 2.0 authorization + codes and access tokens are sent + items: + type: string + type: array + type: object + type: array + type: object + managementPolicies: + default: + - '*' description: 'THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored unless the relevant Crossplane feature flag is - enabled, and may be changed or removed without notice. ManagementPolicy - specifies the level of control Crossplane has over the managed external - resource. This field is planned to replace the DeletionPolicy field - in a future release. Currently, both could be set independently - and non-default values would be honored if the feature flag is enabled. - See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223' - enum: - - FullControl - - ObserveOnly - - OrphanOnDelete - type: string + enabled, and may be changed or removed without notice. ManagementPolicies + specify the array of actions Crossplane is allowed to take on the + managed and external resources. This field is planned to replace + the DeletionPolicy field in a future release. Currently, both could + be set independently and non-default values would be honored if + the feature flag is enabled. If both are custom, the DeletionPolicy + field will be ignored. See the design doc for more information: + https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md' + items: + description: A ManagementAction represents an action that the Crossplane + controllers can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array providerConfigRef: default: name: default @@ -806,7 +1342,9 @@ spec: type: object x-kubernetes-validations: - message: displayName is a required parameter - rule: self.managementPolicy == 'ObserveOnly' || has(self.forProvider.displayName) + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.displayName) + || has(self.initProvider.displayName)' status: description: ApplicationStatus defines the observed state of Application. properties: diff --git a/package/crds/applications.azuread.upbound.io_certificates.yaml b/package/crds/applications.azuread.upbound.io_certificates.yaml index 87efda1b..f6eef26a 100644 --- a/package/crds/applications.azuread.upbound.io_certificates.yaml +++ b/package/crds/applications.azuread.upbound.io_certificates.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.11.3 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.12.1 name: certificates.applications.azuread.upbound.io spec: group: applications.azuread.upbound.io @@ -57,7 +56,7 @@ spec: description: 'DeletionPolicy specifies what will happen to the underlying external when this managed resource is deleted - either "Delete" or "Orphan" the external resource. This field is planned to be deprecated - in favor of the ManagementPolicy field in a future release. Currently, + in favor of the ManagementPolicies field in a future release. Currently, both could be set independently and non-default values would be honored if the feature flag is enabled. See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223' @@ -214,21 +213,92 @@ spec: - namespace type: object type: object - managementPolicy: - default: FullControl + initProvider: + description: THIS IS AN ALPHA FIELD. Do not use it in production. + It is not honored unless the relevant Crossplane feature flag is + enabled, and may be changed or removed without notice. InitProvider + holds the same fields as ForProvider, with the exception of Identifier + and other resource reference fields. The fields that are in InitProvider + are merged into ForProvider when the resource is created. The same + fields are also added to the terraform ignore_changes hook, to avoid + updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after + creation, for example because of an external controller is managing + them, like an autoscaler. + properties: + encoding: + description: Specifies the encoding used for the supplied certificate + data. Must be one of pem, base64 or hex. Defaults to pem. Specifies + the encoding used for the supplied certificate data + type: string + endDate: + description: The end date until which the certificate is valid, + formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z). + If omitted, the API will decide a suitable expiry date, which + is typically around 2 years from the start date. Changing this + field forces a new resource to be created. The end date until + which the certificate is valid, formatted as an RFC3339 date + string (e.g. `2018-01-01T01:02:03Z`). If omitted, the API will + decide a suitable expiry date, which is typically around 2 years + from the start date + type: string + endDateRelative: + description: A relative duration for which the certificate is + valid until, for example 240h (10 days) or 2400h30m. Changing + this field forces a new resource to be created. A relative duration + for which the certificate is valid until, for example `240h` + (10 days) or `2400h30m` + type: string + keyId: + description: A UUID used to uniquely identify this certificate. + If omitted, a random UUID will be automatically generated. Changing + this field forces a new resource to be created. A UUID used + to uniquely identify this certificate. If omitted, a random + UUID will be automatically generated + type: string + startDate: + description: The start date from which the certificate is valid, + formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z). + If this isn't specified, the value is determined by Azure Active + Directory and is usually the start date of the certificate for + asymmetric keys, or the current timestamp for symmetric keys. + Changing this field forces a new resource to be created. The + start date from which the certificate is valid, formatted as + an RFC3339 date string (e.g. `2018-01-01T01:02:03Z`). If this + isn't specified, the current date and time are use + type: string + type: + description: The type of key/certificate. Must be one of AsymmetricX509Cert + or Symmetric. Changing this fields forces a new resource to + be created. The type of key/certificate + type: string + type: object + managementPolicies: + default: + - '*' description: 'THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored unless the relevant Crossplane feature flag is - enabled, and may be changed or removed without notice. ManagementPolicy - specifies the level of control Crossplane has over the managed external - resource. This field is planned to replace the DeletionPolicy field - in a future release. Currently, both could be set independently - and non-default values would be honored if the feature flag is enabled. - See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223' - enum: - - FullControl - - ObserveOnly - - OrphanOnDelete - type: string + enabled, and may be changed or removed without notice. ManagementPolicies + specify the array of actions Crossplane is allowed to take on the + managed and external resources. This field is planned to replace + the DeletionPolicy field in a future release. Currently, both could + be set independently and non-default values would be honored if + the feature flag is enabled. If both are custom, the DeletionPolicy + field will be ignored. See the design doc for more information: + https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md' + items: + description: A ManagementAction represents an action that the Crossplane + controllers can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array providerConfigRef: default: name: default @@ -402,7 +472,8 @@ spec: type: object x-kubernetes-validations: - message: valueSecretRef is a required parameter - rule: self.managementPolicy == 'ObserveOnly' || has(self.forProvider.valueSecretRef) + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.valueSecretRef)' status: description: CertificateStatus defines the observed state of Certificate. properties: diff --git a/package/crds/applications.azuread.upbound.io_federatedidentitycredentials.yaml b/package/crds/applications.azuread.upbound.io_federatedidentitycredentials.yaml index 66f060ed..c386a013 100644 --- a/package/crds/applications.azuread.upbound.io_federatedidentitycredentials.yaml +++ b/package/crds/applications.azuread.upbound.io_federatedidentitycredentials.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.11.3 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.12.1 name: federatedidentitycredentials.applications.azuread.upbound.io spec: group: applications.azuread.upbound.io @@ -59,7 +58,7 @@ spec: description: 'DeletionPolicy specifies what will happen to the underlying external when this managed resource is deleted - either "Delete" or "Orphan" the external resource. This field is planned to be deprecated - in favor of the ManagementPolicy field in a future release. Currently, + in favor of the ManagementPolicies field in a future release. Currently, both could be set independently and non-default values would be honored if the feature flag is enabled. See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223' @@ -184,21 +183,81 @@ spec: app. type: string type: object - managementPolicy: - default: FullControl + initProvider: + description: THIS IS AN ALPHA FIELD. Do not use it in production. + It is not honored unless the relevant Crossplane feature flag is + enabled, and may be changed or removed without notice. InitProvider + holds the same fields as ForProvider, with the exception of Identifier + and other resource reference fields. The fields that are in InitProvider + are merged into ForProvider when the resource is created. The same + fields are also added to the terraform ignore_changes hook, to avoid + updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after + creation, for example because of an external controller is managing + them, like an autoscaler. + properties: + audiences: + description: List of audiences that can appear in the external + token. This specifies what should be accepted in the aud claim + of incoming tokens. List of audiences that can appear in the + external token. This specifies what should be accepted in the + `aud` claim of incoming tokens. + items: + type: string + type: array + description: + description: A description for the federated identity credential. + A description for the federated identity credential + type: string + displayName: + description: A unique display name for the federated identity + credential. Changing this forces a new resource to be created. + A unique display name for the federated identity credential + type: string + issuer: + description: The URL of the external identity provider, which + must match the issuer claim of the external token being exchanged. + The combination of the values of issuer and subject must be + unique on the app. The URL of the external identity provider, + which must match the issuer claim of the external token being + exchanged. The combination of the values of issuer and subject + must be unique on the app. + type: string + subject: + description: The identifier of the external software workload + within the external identity provider. The combination of issuer + and subject must be unique on the app. The identifier of the + external software workload within the external identity provider. + The combination of issuer and subject must be unique on the + app. + type: string + type: object + managementPolicies: + default: + - '*' description: 'THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored unless the relevant Crossplane feature flag is - enabled, and may be changed or removed without notice. ManagementPolicy - specifies the level of control Crossplane has over the managed external - resource. This field is planned to replace the DeletionPolicy field - in a future release. Currently, both could be set independently - and non-default values would be honored if the feature flag is enabled. - See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223' - enum: - - FullControl - - ObserveOnly - - OrphanOnDelete - type: string + enabled, and may be changed or removed without notice. ManagementPolicies + specify the array of actions Crossplane is allowed to take on the + managed and external resources. This field is planned to replace + the DeletionPolicy field in a future release. Currently, both could + be set independently and non-default values would be honored if + the feature flag is enabled. If both are custom, the DeletionPolicy + field will be ignored. See the design doc for more information: + https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md' + items: + description: A ManagementAction represents an action that the Crossplane + controllers can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array providerConfigRef: default: name: default @@ -372,13 +431,21 @@ spec: type: object x-kubernetes-validations: - message: audiences is a required parameter - rule: self.managementPolicy == 'ObserveOnly' || has(self.forProvider.audiences) + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.audiences) + || has(self.initProvider.audiences)' - message: displayName is a required parameter - rule: self.managementPolicy == 'ObserveOnly' || has(self.forProvider.displayName) + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.displayName) + || has(self.initProvider.displayName)' - message: issuer is a required parameter - rule: self.managementPolicy == 'ObserveOnly' || has(self.forProvider.issuer) + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.issuer) + || has(self.initProvider.issuer)' - message: subject is a required parameter - rule: self.managementPolicy == 'ObserveOnly' || has(self.forProvider.subject) + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.subject) + || has(self.initProvider.subject)' status: description: FederatedIdentityCredentialStatus defines the observed state of FederatedIdentityCredential. diff --git a/package/crds/applications.azuread.upbound.io_passwords.yaml b/package/crds/applications.azuread.upbound.io_passwords.yaml index 0711f8c7..79b6f6f3 100644 --- a/package/crds/applications.azuread.upbound.io_passwords.yaml +++ b/package/crds/applications.azuread.upbound.io_passwords.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.11.3 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.12.1 name: passwords.applications.azuread.upbound.io spec: group: applications.azuread.upbound.io @@ -57,7 +56,7 @@ spec: description: 'DeletionPolicy specifies what will happen to the underlying external when this managed resource is deleted - either "Delete" or "Orphan" the external resource. This field is planned to be deprecated - in favor of the ManagementPolicy field in a future release. Currently, + in favor of the ManagementPolicies field in a future release. Currently, both could be set independently and non-default values would be honored if the feature flag is enabled. See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223' @@ -186,21 +185,85 @@ spec: the current date is used type: string type: object - managementPolicy: - default: FullControl + initProvider: + description: THIS IS AN ALPHA FIELD. Do not use it in production. + It is not honored unless the relevant Crossplane feature flag is + enabled, and may be changed or removed without notice. InitProvider + holds the same fields as ForProvider, with the exception of Identifier + and other resource reference fields. The fields that are in InitProvider + are merged into ForProvider when the resource is created. The same + fields are also added to the terraform ignore_changes hook, to avoid + updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after + creation, for example because of an external controller is managing + them, like an autoscaler. + properties: + displayName: + description: A display name for the password. Changing this field + forces a new resource to be created. A display name for the + password + type: string + endDate: + description: The end date until which the password is valid, formatted + as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z). Changing + this field forces a new resource to be created. The end date + until which the password is valid, formatted as an RFC3339 date + string (e.g. `2018-01-01T01:02:03Z`) + type: string + endDateRelative: + description: A relative duration for which the password is valid + until, for example 240h (10 days) or 2400h30m. Changing this + field forces a new resource to be created. A relative duration + for which the password is valid until, for example `240h` (10 + days) or `2400h30m`. Changing this field forces a new resource + to be created + type: string + rotateWhenChanged: + additionalProperties: + type: string + description: A map of arbitrary key/value pairs that will force + recreation of the password when they change, enabling password + rotation based on external conditions such as a rotating timestamp. + Changing this forces a new resource to be created. Arbitrary + map of values that, when changed, will trigger rotation of the + password + type: object + startDate: + description: The start date from which the password is valid, + formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z). + If this isn't specified, the current date is used. Changing + this field forces a new resource to be created. The start date + from which the password is valid, formatted as an RFC3339 date + string (e.g. `2018-01-01T01:02:03Z`). If this isn't specified, + the current date is used + type: string + type: object + managementPolicies: + default: + - '*' description: 'THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored unless the relevant Crossplane feature flag is - enabled, and may be changed or removed without notice. ManagementPolicy - specifies the level of control Crossplane has over the managed external - resource. This field is planned to replace the DeletionPolicy field - in a future release. Currently, both could be set independently - and non-default values would be honored if the feature flag is enabled. - See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223' - enum: - - FullControl - - ObserveOnly - - OrphanOnDelete - type: string + enabled, and may be changed or removed without notice. ManagementPolicies + specify the array of actions Crossplane is allowed to take on the + managed and external resources. This field is planned to replace + the DeletionPolicy field in a future release. Currently, both could + be set independently and non-default values would be honored if + the feature flag is enabled. If both are custom, the DeletionPolicy + field will be ignored. See the design doc for more information: + https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md' + items: + description: A ManagementAction represents an action that the Crossplane + controllers can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array providerConfigRef: default: name: default diff --git a/package/crds/applications.azuread.upbound.io_preauthorizeds.yaml b/package/crds/applications.azuread.upbound.io_preauthorizeds.yaml index 975faef9..8ec19e94 100644 --- a/package/crds/applications.azuread.upbound.io_preauthorizeds.yaml +++ b/package/crds/applications.azuread.upbound.io_preauthorizeds.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.11.3 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.12.1 name: preauthorizeds.applications.azuread.upbound.io spec: group: applications.azuread.upbound.io @@ -57,7 +56,7 @@ spec: description: 'DeletionPolicy specifies what will happen to the underlying external when this managed resource is deleted - either "Delete" or "Orphan" the external resource. This field is planned to be deprecated - in favor of the ManagementPolicy field in a future release. Currently, + in favor of the ManagementPolicies field in a future release. Currently, both could be set independently and non-default values would be honored if the feature flag is enabled. See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223' @@ -230,21 +229,53 @@ spec: type: string type: array type: object - managementPolicy: - default: FullControl + initProvider: + description: THIS IS AN ALPHA FIELD. Do not use it in production. + It is not honored unless the relevant Crossplane feature flag is + enabled, and may be changed or removed without notice. InitProvider + holds the same fields as ForProvider, with the exception of Identifier + and other resource reference fields. The fields that are in InitProvider + are merged into ForProvider when the resource is created. The same + fields are also added to the terraform ignore_changes hook, to avoid + updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after + creation, for example because of an external controller is managing + them, like an autoscaler. + properties: + permissionIds: + description: A set of permission scope IDs required by the authorized + application. The IDs of the permission scopes required by the + pre-authorized application + items: + type: string + type: array + type: object + managementPolicies: + default: + - '*' description: 'THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored unless the relevant Crossplane feature flag is - enabled, and may be changed or removed without notice. ManagementPolicy - specifies the level of control Crossplane has over the managed external - resource. This field is planned to replace the DeletionPolicy field - in a future release. Currently, both could be set independently - and non-default values would be honored if the feature flag is enabled. - See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223' - enum: - - FullControl - - ObserveOnly - - OrphanOnDelete - type: string + enabled, and may be changed or removed without notice. ManagementPolicies + specify the array of actions Crossplane is allowed to take on the + managed and external resources. This field is planned to replace + the DeletionPolicy field in a future release. Currently, both could + be set independently and non-default values would be honored if + the feature flag is enabled. If both are custom, the DeletionPolicy + field will be ignored. See the design doc for more information: + https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md' + items: + description: A ManagementAction represents an action that the Crossplane + controllers can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array providerConfigRef: default: name: default @@ -418,7 +449,9 @@ spec: type: object x-kubernetes-validations: - message: permissionIds is a required parameter - rule: self.managementPolicy == 'ObserveOnly' || has(self.forProvider.permissionIds) + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.permissionIds) + || has(self.initProvider.permissionIds)' status: description: PreAuthorizedStatus defines the observed state of PreAuthorized. properties: diff --git a/package/crds/azuread.upbound.io_providerconfigs.yaml b/package/crds/azuread.upbound.io_providerconfigs.yaml index f5db2491..30965850 100644 --- a/package/crds/azuread.upbound.io_providerconfigs.yaml +++ b/package/crds/azuread.upbound.io_providerconfigs.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.11.3 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.12.1 name: providerconfigs.azuread.upbound.io spec: group: azuread.upbound.io diff --git a/package/crds/azuread.upbound.io_providerconfigusages.yaml b/package/crds/azuread.upbound.io_providerconfigusages.yaml index ce874868..ebb78cc4 100644 --- a/package/crds/azuread.upbound.io_providerconfigusages.yaml +++ b/package/crds/azuread.upbound.io_providerconfigusages.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.11.3 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.12.1 name: providerconfigusages.azuread.upbound.io spec: group: azuread.upbound.io diff --git a/package/crds/azuread.upbound.io_storeconfigs.yaml b/package/crds/azuread.upbound.io_storeconfigs.yaml index 928eb2eb..a3ec8b58 100644 --- a/package/crds/azuread.upbound.io_storeconfigs.yaml +++ b/package/crds/azuread.upbound.io_storeconfigs.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.11.3 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.12.1 name: storeconfigs.azuread.upbound.io spec: group: azuread.upbound.io diff --git a/package/crds/conditionalaccess.azuread.upbound.io_accesspolicies.yaml b/package/crds/conditionalaccess.azuread.upbound.io_accesspolicies.yaml index d19d8d52..1b4b5bd0 100644 --- a/package/crds/conditionalaccess.azuread.upbound.io_accesspolicies.yaml +++ b/package/crds/conditionalaccess.azuread.upbound.io_accesspolicies.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.11.3 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.12.1 name: accesspolicies.conditionalaccess.azuread.upbound.io spec: group: conditionalaccess.azuread.upbound.io @@ -57,7 +56,7 @@ spec: description: 'DeletionPolicy specifies what will happen to the underlying external when this managed resource is deleted - either "Delete" or "Orphan" the external resource. This field is planned to be deprecated - in favor of the ManagementPolicy field in a future release. Currently, + in favor of the ManagementPolicies field in a future release. Currently, both could be set independently and non-default values would be honored if the feature flag is enabled. See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223' @@ -136,9 +135,6 @@ spec: description: Condition filter to match devices. For more information, see official documentation. type: string - required: - - mode - - rule type: object type: array type: object @@ -162,8 +158,6 @@ spec: items: type: string type: array - required: - - includedLocations type: object type: array platforms: @@ -187,8 +181,6 @@ spec: items: type: string type: array - required: - - includedPlatforms type: object type: array signInRiskLevels: @@ -249,10 +241,6 @@ spec: type: array type: object type: array - required: - - applications - - clientAppTypes - - users type: object type: array displayName: @@ -287,9 +275,6 @@ spec: items: type: string type: array - required: - - builtInControls - - operator type: object type: array sessionControls: @@ -329,21 +314,293 @@ spec: values are: enabled, disabled and enabledForReportingButNotEnforced' type: string type: object - managementPolicy: - default: FullControl + initProvider: + description: THIS IS AN ALPHA FIELD. Do not use it in production. + It is not honored unless the relevant Crossplane feature flag is + enabled, and may be changed or removed without notice. InitProvider + holds the same fields as ForProvider, with the exception of Identifier + and other resource reference fields. The fields that are in InitProvider + are merged into ForProvider when the resource is created. The same + fields are also added to the terraform ignore_changes hook, to avoid + updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after + creation, for example because of an external controller is managing + them, like an autoscaler. + properties: + conditions: + description: A conditions block as documented below, which specifies + the rules that must be met for the policy to apply. + items: + properties: + applications: + description: An applications block as documented below, + which specifies applications and user actions included + in and excluded from the policy. + items: + properties: + excludedApplications: + description: A list of application IDs explicitly + excluded from the policy. Can also be set to Office365. + items: + type: string + type: array + includedApplications: + description: A list of application IDs the policy + applies to, unless explicitly excluded (in excluded_applications). + Can also be set to All, None or Office365. Cannot + be specified with included_user_actions. One of + included_applications or included_user_actions must + be specified. + items: + type: string + type: array + includedUserActions: + description: A list of user actions to include. Supported + values are urn:user:registerdevice and urn:user:registersecurityinfo. + Cannot be specified with included_applications. + One of included_applications or included_user_actions + must be specified. + items: + type: string + type: array + type: object + type: array + clientAppTypes: + description: 'A list of client application types included + in the policy. Possible values are: all, browser, mobileAppsAndDesktopClients, + exchangeActiveSync, easSupported and other.' + items: + type: string + type: array + devices: + description: A devices block as documented below, which + describes devices to be included in and excluded from + the policy. A devices block can be added to an existing + policy, but removing the devices block forces a new resource + to be created. + items: + properties: + filter: + description: A filter block as described below. A + filter block can be added to an existing policy, + but removing the filter block forces a new resource + to be created. + items: + properties: + mode: + description: Whether to include in, or exclude + from, matching devices from the policy. Supported + values are include or exclude. + type: string + rule: + description: Condition filter to match devices. + For more information, see official documentation. + type: string + type: object + type: array + type: object + type: array + locations: + description: A locations block as documented below, which + specifies locations included in and excluded from the + policy. + items: + properties: + excludedLocations: + description: A list of location IDs excluded from + scope of policy. Can also be set to AllTrusted. + items: + type: string + type: array + includedLocations: + description: A list of location IDs in scope of policy + unless explicitly excluded. Can also be set to All, + or AllTrusted. + items: + type: string + type: array + type: object + type: array + platforms: + description: A platforms block as documented below, which + specifies platforms included in and excluded from the + policy. + items: + properties: + excludedPlatforms: + description: 'A list of platforms explicitly excluded + from the policy. Possible values are: all, android, + iOS, linux, macOS, windows, windowsPhone or unknownFutureValue.' + items: + type: string + type: array + includedPlatforms: + description: 'A list of platforms the policy applies + to, unless explicitly excluded. Possible values + are: all, android, iOS, linux, macOS, windows, windowsPhone + or unknownFutureValue.' + items: + type: string + type: array + type: object + type: array + signInRiskLevels: + description: 'A list of sign-in risk levels included in + the policy. Possible values are: low, medium, high, hidden, + none, unknownFutureValue.' + items: + type: string + type: array + userRiskLevels: + description: 'A list of user risk levels included in the + policy. Possible values are: low, medium, high, hidden, + none, unknownFutureValue.' + items: + type: string + type: array + users: + description: A users block as documented below, which specifies + users, groups, and roles included in and excluded from + the policy. + items: + properties: + excludedGroups: + description: A list of group IDs excluded from scope + of policy. + items: + type: string + type: array + excludedRoles: + description: A list of role IDs excluded from scope + of policy. + items: + type: string + type: array + excludedUsers: + description: A list of user IDs excluded from scope + of policy and/or GuestsOrExternalUsers. + items: + type: string + type: array + includedGroups: + description: A list of group IDs in scope of policy + unless explicitly excluded. + items: + type: string + type: array + includedRoles: + description: A list of role IDs in scope of policy + unless explicitly excluded. + items: + type: string + type: array + includedUsers: + description: A list of user IDs in scope of policy + unless explicitly excluded, or None or All or GuestsOrExternalUsers. + items: + type: string + type: array + type: object + type: array + type: object + type: array + displayName: + description: The friendly name for this Conditional Access Policy. + type: string + grantControls: + description: A grant_controls block as documented below, which + specifies the grant controls that must be fulfilled to pass + the policy. + items: + properties: + builtInControls: + description: 'List of built-in controls required by the + policy. Possible values are: block, mfa, approvedApplication, + compliantApplication, compliantDevice, domainJoinedDevice, + passwordChange or unknownFutureValue.' + items: + type: string + type: array + customAuthenticationFactors: + description: List of custom controls IDs required by the + policy. + items: + type: string + type: array + operator: + description: 'Defines the relationship of the grant controls. + Possible values are: AND, OR.' + type: string + termsOfUse: + description: List of terms of use IDs required by the policy. + items: + type: string + type: array + type: object + type: array + sessionControls: + description: A session_controls block as documented below, which + specifies the session controls that are enforced after sign-in. + items: + properties: + applicationEnforcedRestrictionsEnabled: + description: Whether or not application enforced restrictions + are enabled. Defaults to false. + type: boolean + cloudAppSecurityPolicy: + description: 'Enables cloud app security and specifies the + cloud app security policy to use. Possible values are: + blockDownloads, mcasConfigured, monitorOnly or unknownFutureValue.' + type: string + persistentBrowserMode: + description: 'Session control to define whether to persist + cookies or not. Possible values are: always or never.' + type: string + signInFrequency: + description: Number of days or hours to enforce sign-in + frequency. Required when sign_in_frequency_period is specified. + Due to an API issue, removing this property forces a new + resource to be created. + type: number + signInFrequencyPeriod: + description: 'The time period to enforce sign-in frequency. + Possible values are: hours or days. Required when sign_in_frequency_period + is specified. Due to an API issue, removing this property + forces a new resource to be created.' + type: string + type: object + type: array + state: + description: 'Specifies the state of the policy object. Possible + values are: enabled, disabled and enabledForReportingButNotEnforced' + type: string + type: object + managementPolicies: + default: + - '*' description: 'THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored unless the relevant Crossplane feature flag is - enabled, and may be changed or removed without notice. ManagementPolicy - specifies the level of control Crossplane has over the managed external - resource. This field is planned to replace the DeletionPolicy field - in a future release. Currently, both could be set independently - and non-default values would be honored if the feature flag is enabled. - See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223' - enum: - - FullControl - - ObserveOnly - - OrphanOnDelete - type: string + enabled, and may be changed or removed without notice. ManagementPolicies + specify the array of actions Crossplane is allowed to take on the + managed and external resources. This field is planned to replace + the DeletionPolicy field in a future release. Currently, both could + be set independently and non-default values would be honored if + the feature flag is enabled. If both are custom, the DeletionPolicy + field will be ignored. See the design doc for more information: + https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md' + items: + description: A ManagementAction represents an action that the Crossplane + controllers can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array providerConfigRef: default: name: default @@ -517,13 +774,21 @@ spec: type: object x-kubernetes-validations: - message: conditions is a required parameter - rule: self.managementPolicy == 'ObserveOnly' || has(self.forProvider.conditions) + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.conditions) + || has(self.initProvider.conditions)' - message: displayName is a required parameter - rule: self.managementPolicy == 'ObserveOnly' || has(self.forProvider.displayName) + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.displayName) + || has(self.initProvider.displayName)' - message: grantControls is a required parameter - rule: self.managementPolicy == 'ObserveOnly' || has(self.forProvider.grantControls) + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.grantControls) + || has(self.initProvider.grantControls)' - message: state is a required parameter - rule: self.managementPolicy == 'ObserveOnly' || has(self.forProvider.state) + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.state) + || has(self.initProvider.state)' status: description: AccessPolicyStatus defines the observed state of AccessPolicy. properties: diff --git a/package/crds/conditionalaccess.azuread.upbound.io_locations.yaml b/package/crds/conditionalaccess.azuread.upbound.io_locations.yaml index 3a7e98cb..ddd0fce0 100644 --- a/package/crds/conditionalaccess.azuread.upbound.io_locations.yaml +++ b/package/crds/conditionalaccess.azuread.upbound.io_locations.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.11.3 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.12.1 name: locations.conditionalaccess.azuread.upbound.io spec: group: conditionalaccess.azuread.upbound.io @@ -57,7 +56,7 @@ spec: description: 'DeletionPolicy specifies what will happen to the underlying external when this managed resource is deleted - either "Delete" or "Orphan" the external resource. This field is planned to be deprecated - in favor of the ManagementPolicy field in a future release. Currently, + in favor of the ManagementPolicies field in a future release. Currently, both could be set independently and non-default values would be honored if the feature flag is enabled. See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223' @@ -83,8 +82,6 @@ spec: or region should be included in the named location. Defaults to false. type: boolean - required: - - countriesAndRegions type: object type: array displayName: @@ -106,26 +103,88 @@ spec: description: Whether the named location is trusted. Defaults to false. type: boolean - required: - - ipRanges type: object type: array type: object - managementPolicy: - default: FullControl + initProvider: + description: THIS IS AN ALPHA FIELD. Do not use it in production. + It is not honored unless the relevant Crossplane feature flag is + enabled, and may be changed or removed without notice. InitProvider + holds the same fields as ForProvider, with the exception of Identifier + and other resource reference fields. The fields that are in InitProvider + are merged into ForProvider when the resource is created. The same + fields are also added to the terraform ignore_changes hook, to avoid + updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after + creation, for example because of an external controller is managing + them, like an autoscaler. + properties: + country: + description: A country block as documented below, which configures + a country-based named location. + items: + properties: + countriesAndRegions: + description: List of countries and/or regions in two-letter + format specified by ISO 3166-2. + items: + type: string + type: array + includeUnknownCountriesAndRegions: + description: Whether IP addresses that don't map to a country + or region should be included in the named location. Defaults + to false. + type: boolean + type: object + type: array + displayName: + description: The friendly name for this named location. + type: string + ip: + description: An ip block as documented below, which configures + an IP-based named location. + items: + properties: + ipRanges: + description: List of IP address ranges in IPv4 CIDR format + (e.g. 1.2.3.4/32) or any allowable IPv6 format from IETF + RFC596. + items: + type: string + type: array + trusted: + description: Whether the named location is trusted. Defaults + to false. + type: boolean + type: object + type: array + type: object + managementPolicies: + default: + - '*' description: 'THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored unless the relevant Crossplane feature flag is - enabled, and may be changed or removed without notice. ManagementPolicy - specifies the level of control Crossplane has over the managed external - resource. This field is planned to replace the DeletionPolicy field - in a future release. Currently, both could be set independently - and non-default values would be honored if the feature flag is enabled. - See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223' - enum: - - FullControl - - ObserveOnly - - OrphanOnDelete - type: string + enabled, and may be changed or removed without notice. ManagementPolicies + specify the array of actions Crossplane is allowed to take on the + managed and external resources. This field is planned to replace + the DeletionPolicy field in a future release. Currently, both could + be set independently and non-default values would be honored if + the feature flag is enabled. If both are custom, the DeletionPolicy + field will be ignored. See the design doc for more information: + https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md' + items: + description: A ManagementAction represents an action that the Crossplane + controllers can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array providerConfigRef: default: name: default @@ -299,7 +358,9 @@ spec: type: object x-kubernetes-validations: - message: displayName is a required parameter - rule: self.managementPolicy == 'ObserveOnly' || has(self.forProvider.displayName) + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.displayName) + || has(self.initProvider.displayName)' status: description: LocationStatus defines the observed state of Location. properties: diff --git a/package/crds/directoryroles.azuread.upbound.io_customdirectoryroles.yaml b/package/crds/directoryroles.azuread.upbound.io_customdirectoryroles.yaml index 8a6f35c3..f3861b0f 100644 --- a/package/crds/directoryroles.azuread.upbound.io_customdirectoryroles.yaml +++ b/package/crds/directoryroles.azuread.upbound.io_customdirectoryroles.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.11.3 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.12.1 name: customdirectoryroles.directoryroles.azuread.upbound.io spec: group: directoryroles.azuread.upbound.io @@ -58,7 +57,7 @@ spec: description: 'DeletionPolicy specifies what will happen to the underlying external when this managed resource is deleted - either "Delete" or "Orphan" the external resource. This field is planned to be deprecated - in favor of the ManagementPolicy field in a future release. Currently, + in favor of the ManagementPolicies field in a future release. Currently, both could be set independently and non-default values would be honored if the feature flag is enabled. See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223' @@ -93,8 +92,6 @@ spec: items: type: string type: array - required: - - allowedResourceActions type: object type: array templateId: @@ -110,21 +107,85 @@ spec: the role definition.' type: string type: object - managementPolicy: - default: FullControl + initProvider: + description: THIS IS AN ALPHA FIELD. Do not use it in production. + It is not honored unless the relevant Crossplane feature flag is + enabled, and may be changed or removed without notice. InitProvider + holds the same fields as ForProvider, with the exception of Identifier + and other resource reference fields. The fields that are in InitProvider + are merged into ForProvider when the resource is created. The same + fields are also added to the terraform ignore_changes hook, to avoid + updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after + creation, for example because of an external controller is managing + them, like an autoscaler. + properties: + description: + description: The description of the custom directory role. The + description of the custom directory role + type: string + displayName: + description: The display name of the custom directory role. The + display name of the custom directory role + type: string + enabled: + description: Indicates whether the role is enabled for assignment. + Indicates whether the role is enabled for assignment + type: boolean + permissions: + description: A collection of permissions blocks as documented + below. List of permissions that are included in the custom directory + role + items: + properties: + allowedResourceActions: + description: A set of tasks that can be performed on a resource. + For more information, see the Permissions Reference documentation. + Set of tasks that can be performed on a resource + items: + type: string + type: array + type: object + type: array + templateId: + description: Custom template identifier that is typically used + if one needs an identifier to be the same across different directories. + Changing this forces a new resource to be created. Custom template + identifier that is typically used if one needs an identifier + to be the same across different directories. + type: string + version: + description: '- The version of the role definition. This can be + any arbitrary string between 1-128 characters. The version of + the role definition.' + type: string + type: object + managementPolicies: + default: + - '*' description: 'THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored unless the relevant Crossplane feature flag is - enabled, and may be changed or removed without notice. ManagementPolicy - specifies the level of control Crossplane has over the managed external - resource. This field is planned to replace the DeletionPolicy field - in a future release. Currently, both could be set independently - and non-default values would be honored if the feature flag is enabled. - See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223' - enum: - - FullControl - - ObserveOnly - - OrphanOnDelete - type: string + enabled, and may be changed or removed without notice. ManagementPolicies + specify the array of actions Crossplane is allowed to take on the + managed and external resources. This field is planned to replace + the DeletionPolicy field in a future release. Currently, both could + be set independently and non-default values would be honored if + the feature flag is enabled. If both are custom, the DeletionPolicy + field will be ignored. See the design doc for more information: + https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md' + items: + description: A ManagementAction represents an action that the Crossplane + controllers can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array providerConfigRef: default: name: default @@ -298,13 +359,21 @@ spec: type: object x-kubernetes-validations: - message: displayName is a required parameter - rule: self.managementPolicy == 'ObserveOnly' || has(self.forProvider.displayName) + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.displayName) + || has(self.initProvider.displayName)' - message: enabled is a required parameter - rule: self.managementPolicy == 'ObserveOnly' || has(self.forProvider.enabled) + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.enabled) + || has(self.initProvider.enabled)' - message: permissions is a required parameter - rule: self.managementPolicy == 'ObserveOnly' || has(self.forProvider.permissions) + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.permissions) + || has(self.initProvider.permissions)' - message: version is a required parameter - rule: self.managementPolicy == 'ObserveOnly' || has(self.forProvider.version) + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.version) + || has(self.initProvider.version)' status: description: CustomDirectoryRoleStatus defines the observed state of CustomDirectoryRole. properties: diff --git a/package/crds/directoryroles.azuread.upbound.io_roleassignments.yaml b/package/crds/directoryroles.azuread.upbound.io_roleassignments.yaml index 133a7cf3..c8b5f4e8 100644 --- a/package/crds/directoryroles.azuread.upbound.io_roleassignments.yaml +++ b/package/crds/directoryroles.azuread.upbound.io_roleassignments.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.11.3 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.12.1 name: roleassignments.directoryroles.azuread.upbound.io spec: group: directoryroles.azuread.upbound.io @@ -57,7 +56,7 @@ spec: description: 'DeletionPolicy specifies what will happen to the underlying external when this managed resource is deleted - either "Delete" or "Orphan" the external resource. This field is planned to be deprecated - in favor of the ManagementPolicy field in a future release. Currently, + in favor of the ManagementPolicies field in a future release. Currently, both could be set independently and non-default values would be honored if the feature flag is enabled. See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223' @@ -248,21 +247,68 @@ spec: type: object type: object type: object - managementPolicy: - default: FullControl + initProvider: + description: THIS IS AN ALPHA FIELD. Do not use it in production. + It is not honored unless the relevant Crossplane feature flag is + enabled, and may be changed or removed without notice. InitProvider + holds the same fields as ForProvider, with the exception of Identifier + and other resource reference fields. The fields that are in InitProvider + are merged into ForProvider when the resource is created. The same + fields are also added to the terraform ignore_changes hook, to avoid + updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after + creation, for example because of an external controller is managing + them, like an autoscaler. + properties: + appScopeId: + description: Identifier of the app-specific scope when the assignment + scope is app-specific. Cannot be used with directory_scope_id. + See official documentation for example usage. Changing this + forces a new resource to be created. Identifier of the app-specific + scope when the assignment scope is app-specific + type: string + appScopeObjectId: + description: Identifier of the app-specific scope when the assignment + scope is app-specific + type: string + directoryScopeId: + description: Identifier of the directory object representing the + scope of the assignment. Cannot be used with app_scope_id. See + official documentation for example usage. Changing this forces + a new resource to be created. Identifier of the directory object + representing the scope of the assignment + type: string + directoryScopeObjectId: + description: Identifier of the directory object representing the + scope of the assignment + type: string + type: object + managementPolicies: + default: + - '*' description: 'THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored unless the relevant Crossplane feature flag is - enabled, and may be changed or removed without notice. ManagementPolicy - specifies the level of control Crossplane has over the managed external - resource. This field is planned to replace the DeletionPolicy field - in a future release. Currently, both could be set independently - and non-default values would be honored if the feature flag is enabled. - See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223' - enum: - - FullControl - - ObserveOnly - - OrphanOnDelete - type: string + enabled, and may be changed or removed without notice. ManagementPolicies + specify the array of actions Crossplane is allowed to take on the + managed and external resources. This field is planned to replace + the DeletionPolicy field in a future release. Currently, both could + be set independently and non-default values would be honored if + the feature flag is enabled. If both are custom, the DeletionPolicy + field will be ignored. See the design doc for more information: + https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md' + items: + description: A ManagementAction represents an action that the Crossplane + controllers can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array providerConfigRef: default: name: default diff --git a/package/crds/directoryroles.azuread.upbound.io_roles.yaml b/package/crds/directoryroles.azuread.upbound.io_roles.yaml index 8f47e2a7..0809c45b 100644 --- a/package/crds/directoryroles.azuread.upbound.io_roles.yaml +++ b/package/crds/directoryroles.azuread.upbound.io_roles.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.11.3 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.12.1 name: roles.directoryroles.azuread.upbound.io spec: group: directoryroles.azuread.upbound.io @@ -57,7 +56,7 @@ spec: description: 'DeletionPolicy specifies what will happen to the underlying external when this managed resource is deleted - either "Delete" or "Orphan" the external resource. This field is planned to be deprecated - in favor of the ManagementPolicy field in a future release. Currently, + in favor of the ManagementPolicies field in a future release. Currently, both could be set independently and non-default values would be honored if the feature flag is enabled. See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223' @@ -73,21 +72,51 @@ spec: name of the directory role type: string type: object - managementPolicy: - default: FullControl + initProvider: + description: THIS IS AN ALPHA FIELD. Do not use it in production. + It is not honored unless the relevant Crossplane feature flag is + enabled, and may be changed or removed without notice. InitProvider + holds the same fields as ForProvider, with the exception of Identifier + and other resource reference fields. The fields that are in InitProvider + are merged into ForProvider when the resource is created. The same + fields are also added to the terraform ignore_changes hook, to avoid + updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after + creation, for example because of an external controller is managing + them, like an autoscaler. + properties: + displayName: + description: The display name of the directory role to activate. + Changing this forces a new resource to be created. The display + name of the directory role + type: string + type: object + managementPolicies: + default: + - '*' description: 'THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored unless the relevant Crossplane feature flag is - enabled, and may be changed or removed without notice. ManagementPolicy - specifies the level of control Crossplane has over the managed external - resource. This field is planned to replace the DeletionPolicy field - in a future release. Currently, both could be set independently - and non-default values would be honored if the feature flag is enabled. - See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223' - enum: - - FullControl - - ObserveOnly - - OrphanOnDelete - type: string + enabled, and may be changed or removed without notice. ManagementPolicies + specify the array of actions Crossplane is allowed to take on the + managed and external resources. This field is planned to replace + the DeletionPolicy field in a future release. Currently, both could + be set independently and non-default values would be honored if + the feature flag is enabled. If both are custom, the DeletionPolicy + field will be ignored. See the design doc for more information: + https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md' + items: + description: A ManagementAction represents an action that the Crossplane + controllers can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array providerConfigRef: default: name: default diff --git a/package/crds/groups.azuread.upbound.io_groups.yaml b/package/crds/groups.azuread.upbound.io_groups.yaml index 53741790..f6e8faa4 100644 --- a/package/crds/groups.azuread.upbound.io_groups.yaml +++ b/package/crds/groups.azuread.upbound.io_groups.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.11.3 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.12.1 name: groups.groups.azuread.upbound.io spec: group: groups.azuread.upbound.io @@ -57,7 +56,7 @@ spec: description: 'DeletionPolicy specifies what will happen to the underlying external when this managed resource is deleted - either "Delete" or "Orphan" the external resource. This field is planned to be deprecated - in favor of the ManagementPolicy field in a future release. Currently, + in favor of the ManagementPolicies field in a future release. Currently, both could be set independently and non-default values would be honored if the feature flag is enabled. See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223' @@ -127,9 +126,6 @@ spec: for a dynamic group. Required when `group_types` contains 'DynamicMembership' type: string - required: - - enabled - - rule type: object type: array externalSendersAllowed: @@ -252,21 +248,227 @@ spec: directory when Azure AD Connect is used type: boolean type: object - managementPolicy: - default: FullControl + initProvider: + description: THIS IS AN ALPHA FIELD. Do not use it in production. + It is not honored unless the relevant Crossplane feature flag is + enabled, and may be changed or removed without notice. InitProvider + holds the same fields as ForProvider, with the exception of Identifier + and other resource reference fields. The fields that are in InitProvider + are merged into ForProvider when the resource is created. The same + fields are also added to the terraform ignore_changes hook, to avoid + updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after + creation, for example because of an external controller is managing + them, like an autoscaler. + properties: + administrativeUnitIds: + description: The object IDs of administrative units in which the + group is a member. If specified, new groups will be created + in the scope of the first administrative unit and added to the + others. If empty, new groups will be created at the tenant level. + The administrative unit IDs in which the group should be. If + empty, the group will be created at the tenant level. + items: + type: string + type: array + assignableToRole: + description: Indicates whether this group can be assigned to an + Azure Active Directory role. Defaults to false. Can only be + set to true for security-enabled groups. Changing this forces + a new resource to be created. Indicates whether this group can + be assigned to an Azure Active Directory role. This property + can only be `true` for security-enabled groups. + type: boolean + autoSubscribeNewMembers: + description: Indicates whether new members added to the group + will be auto-subscribed to receive email notifications. Can + only be set for Unified groups. Indicates whether new members + added to the group will be auto-subscribed to receive email + notifications. + type: boolean + behaviors: + description: A set of behaviors for a Microsoft 365 group. Possible + values are AllowOnlyMembersToPost, HideGroupInOutlook, SubscribeMembersToCalendarEventsDisabled, + SubscribeNewGroupMembers and WelcomeEmailDisabled. See official + documentation for more details. Changing this forces a new resource + to be created. The group behaviours for a Microsoft 365 group + items: + type: string + type: array + description: + description: The description for the group. The description for + the group + type: string + displayName: + description: The display name for the group. The display name + for the group + type: string + dynamicMembership: + description: A dynamic_membership block as documented below. Required + when types contains DynamicMembership. Cannot be used with the + members property. An optional block to configure dynamic membership + for the group. Cannot be used with `members` + items: + properties: + enabled: + description: Whether rule processing is "On" (true) or "Paused" + (false). + type: boolean + rule: + description: The rule that determines membership of this + group. For more information, see official documentation + on membership rules syntax. Rule to determine members + for a dynamic group. Required when `group_types` contains + 'DynamicMembership' + type: string + type: object + type: array + externalSendersAllowed: + description: Indicates whether people external to the organization + can send messages to the group. Can only be set for Unified + groups. Indicates whether people external to the organization + can send messages to the group. + type: boolean + hideFromAddressLists: + description: 'Indicates whether the group is displayed in certain + parts of the Outlook user interface: in the Address Book, in + address lists for selecting message recipients, and in the Browse + Groups dialog for searching groups. Can only be set for Unified + groups. Indicates whether the group is displayed in certain + parts of the Outlook user interface: in the Address Book, in + address lists for selecting message recipients, and in the Browse + Groups dialog for searching groups.' + type: boolean + hideFromOutlookClients: + description: Indicates whether the group is displayed in Outlook + clients, such as Outlook for Windows and Outlook on the web. + Can only be set for Unified groups. Indicates whether the group + is displayed in Outlook clients, such as Outlook for Windows + and Outlook on the web. + type: boolean + mailEnabled: + description: Whether the group is a mail enabled, with a shared + group mailbox. At least one of mail_enabled or security_enabled + must be specified. Only Microsoft 365 groups can be mail enabled + (see the types property). Whether the group is a mail enabled, + with a shared group mailbox. At least one of `mail_enabled` + or `security_enabled` must be specified. A group can be mail + enabled _and_ security enabled + type: boolean + mailNickname: + description: The mail alias for the group, unique in the organisation. + Required for mail-enabled groups. Changing this forces a new + resource to be created. The mail alias for the group, unique + in the organisation + type: string + members: + description: A set of members who should be present in this group. + Supported object types are Users, Groups or Service Principals. + Cannot be used with the dynamic_membership block. A set of members + who should be present in this group. Supported object types + are Users, Groups or Service Principals + items: + type: string + type: array + onpremisesGroupType: + description: The on-premises group type that the AAD group will + be written as, when writeback is enabled. Possible values are + UniversalDistributionGroup, UniversalMailEnabledSecurityGroup, + or UniversalSecurityGroup. Indicates the target on-premise group + type the group will be written back as + type: string + owners: + description: A set of object IDs of principals that will be granted + ownership of the group. Supported object types are users or + service principals. Groups cannot be created with no owners + or have all their owners removed. A set of owners who own this + group. Supported object types are Users or Service Principals + items: + type: string + type: array + preventDuplicateNames: + description: If true, will return an error if an existing group + is found with the same name. Defaults to false. If `true`, will + return an error if an existing group is found with the same + name + type: boolean + provisioningOptions: + description: A set of provisioning options for a Microsoft 365 + group. The only supported value is Team. See official documentation + for details. Changing this forces a new resource to be created. + The group provisioning options for a Microsoft 365 group + items: + type: string + type: array + securityEnabled: + description: Whether the group is a security group for controlling + access to in-app resources. At least one of security_enabled + or mail_enabled must be specified. A Microsoft 365 group can + be security enabled and mail enabled (see the types property). + Whether the group is a security group for controlling access + to in-app resources. At least one of `security_enabled` or `mail_enabled` + must be specified. A group can be security enabled _and_ mail + enabled + type: boolean + theme: + description: The colour theme for a Microsoft 365 group. Possible + values are Blue, Green, Orange, Pink, Purple, Red or Teal. By + default, no theme is set. The colour theme for a Microsoft 365 + group + type: string + types: + description: A set of group types to configure for the group. + Supported values are DynamicMembership, which denotes a group + with dynamic membership, and Unified, which specifies a Microsoft + 365 group. Required when mail_enabled is true. Changing this + forces a new resource to be created. A set of group types to + configure for the group. `Unified` specifies a Microsoft 365 + group. Required when `mail_enabled` is true + items: + type: string + type: array + visibility: + description: The group join policy and group content visibility. + Possible values are Private, Public, or Hiddenmembership. Only + Microsoft 365 groups can have Hiddenmembership visibility and + this value must be set when the group is created. By default, + security groups will receive Private visibility and Microsoft + 365 groups will receive Public visibility. Specifies the group + join policy and group content visibility + type: string + writebackEnabled: + description: Whether the group will be written back to the configured + on-premises Active Directory when Azure AD Connect is used. + Whether this group should be synced from Azure AD to the on-premises + directory when Azure AD Connect is used + type: boolean + type: object + managementPolicies: + default: + - '*' description: 'THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored unless the relevant Crossplane feature flag is - enabled, and may be changed or removed without notice. ManagementPolicy - specifies the level of control Crossplane has over the managed external - resource. This field is planned to replace the DeletionPolicy field - in a future release. Currently, both could be set independently - and non-default values would be honored if the feature flag is enabled. - See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223' - enum: - - FullControl - - ObserveOnly - - OrphanOnDelete - type: string + enabled, and may be changed or removed without notice. ManagementPolicies + specify the array of actions Crossplane is allowed to take on the + managed and external resources. This field is planned to replace + the DeletionPolicy field in a future release. Currently, both could + be set independently and non-default values would be honored if + the feature flag is enabled. If both are custom, the DeletionPolicy + field will be ignored. See the design doc for more information: + https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md' + items: + description: A ManagementAction represents an action that the Crossplane + controllers can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array providerConfigRef: default: name: default @@ -440,7 +642,9 @@ spec: type: object x-kubernetes-validations: - message: displayName is a required parameter - rule: self.managementPolicy == 'ObserveOnly' || has(self.forProvider.displayName) + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.displayName) + || has(self.initProvider.displayName)' status: description: GroupStatus defines the observed state of Group. properties: diff --git a/package/crds/groups.azuread.upbound.io_members.yaml b/package/crds/groups.azuread.upbound.io_members.yaml index 1aa1c7f5..4b0b71df 100644 --- a/package/crds/groups.azuread.upbound.io_members.yaml +++ b/package/crds/groups.azuread.upbound.io_members.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.11.3 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.12.1 name: members.groups.azuread.upbound.io spec: group: groups.azuread.upbound.io @@ -57,7 +56,7 @@ spec: description: 'DeletionPolicy specifies what will happen to the underlying external when this managed resource is deleted - either "Delete" or "Orphan" the external resource. This field is planned to be deprecated - in favor of the ManagementPolicy field in a future release. Currently, + in favor of the ManagementPolicies field in a future release. Currently, both could be set independently and non-default values would be honored if the feature flag is enabled. See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223' @@ -227,21 +226,45 @@ spec: type: object type: object type: object - managementPolicy: - default: FullControl + initProvider: + description: THIS IS AN ALPHA FIELD. Do not use it in production. + It is not honored unless the relevant Crossplane feature flag is + enabled, and may be changed or removed without notice. InitProvider + holds the same fields as ForProvider, with the exception of Identifier + and other resource reference fields. The fields that are in InitProvider + are merged into ForProvider when the resource is created. The same + fields are also added to the terraform ignore_changes hook, to avoid + updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after + creation, for example because of an external controller is managing + them, like an autoscaler. + type: object + managementPolicies: + default: + - '*' description: 'THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored unless the relevant Crossplane feature flag is - enabled, and may be changed or removed without notice. ManagementPolicy - specifies the level of control Crossplane has over the managed external - resource. This field is planned to replace the DeletionPolicy field - in a future release. Currently, both could be set independently - and non-default values would be honored if the feature flag is enabled. - See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223' - enum: - - FullControl - - ObserveOnly - - OrphanOnDelete - type: string + enabled, and may be changed or removed without notice. ManagementPolicies + specify the array of actions Crossplane is allowed to take on the + managed and external resources. This field is planned to replace + the DeletionPolicy field in a future release. Currently, both could + be set independently and non-default values would be honored if + the feature flag is enabled. If both are custom, the DeletionPolicy + field will be ignored. See the design doc for more information: + https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md' + items: + description: A ManagementAction represents an action that the Crossplane + controllers can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array providerConfigRef: default: name: default diff --git a/package/crds/invitations.azuread.upbound.io_invitations.yaml b/package/crds/invitations.azuread.upbound.io_invitations.yaml index bee8b997..032ad360 100644 --- a/package/crds/invitations.azuread.upbound.io_invitations.yaml +++ b/package/crds/invitations.azuread.upbound.io_invitations.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.11.3 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.12.1 name: invitations.invitations.azuread.upbound.io spec: group: invitations.azuread.upbound.io @@ -57,7 +56,7 @@ spec: description: 'DeletionPolicy specifies what will happen to the underlying external when this managed resource is deleted - either "Delete" or "Orphan" the external resource. This field is planned to be deprecated - in favor of the ManagementPolicy field in a future release. Currently, + in favor of the ManagementPolicies field in a future release. Currently, both could be set independently and non-default values would be honored if the feature flag is enabled. See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223' @@ -117,21 +116,95 @@ spec: being invited type: string type: object - managementPolicy: - default: FullControl + initProvider: + description: THIS IS AN ALPHA FIELD. Do not use it in production. + It is not honored unless the relevant Crossplane feature flag is + enabled, and may be changed or removed without notice. InitProvider + holds the same fields as ForProvider, with the exception of Identifier + and other resource reference fields. The fields that are in InitProvider + are merged into ForProvider when the resource is created. The same + fields are also added to the terraform ignore_changes hook, to avoid + updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after + creation, for example because of an external controller is managing + them, like an autoscaler. + properties: + message: + description: A message block as documented below, which configures + the message being sent to the invited user. If this block is + omitted, no message will be sent. Customize the message sent + to the invited user + items: + properties: + additionalRecipients: + description: Email addresses of additional recipients the + invitation message should be sent to. Only 1 additional + recipient is currently supported by Azure. Email addresses + of additional recipients the invitation message should + be sent to + items: + type: string + type: array + body: + description: Customized message body you want to send if + you don't want to send the default message. Cannot be + specified with language. Customized message body you want + to send if you don't want to send the default message + type: string + language: + description: The language you want to send the default message + in. The value specified must be in ISO 639 format. Defaults + to en-US. Cannot be specified with body. The language + you want to send the default message in + type: string + type: object + type: array + redirectUrl: + description: The URL that the user should be redirected to once + the invitation is redeemed. The URL that the user should be + redirected to once the invitation is redeemed + type: string + userDisplayName: + description: The display name of the user being invited. The display + name of the user being invited + type: string + userEmailAddress: + description: The email address of the user being invited. The + email address of the user being invited + type: string + userType: + description: The user type of the user being invited. Must be + one of Guest or Member. Only Global Administrators can invite + users as members. Defaults to Guest. The user type of the user + being invited + type: string + type: object + managementPolicies: + default: + - '*' description: 'THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored unless the relevant Crossplane feature flag is - enabled, and may be changed or removed without notice. ManagementPolicy - specifies the level of control Crossplane has over the managed external - resource. This field is planned to replace the DeletionPolicy field - in a future release. Currently, both could be set independently - and non-default values would be honored if the feature flag is enabled. - See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223' - enum: - - FullControl - - ObserveOnly - - OrphanOnDelete - type: string + enabled, and may be changed or removed without notice. ManagementPolicies + specify the array of actions Crossplane is allowed to take on the + managed and external resources. This field is planned to replace + the DeletionPolicy field in a future release. Currently, both could + be set independently and non-default values would be honored if + the feature flag is enabled. If both are custom, the DeletionPolicy + field will be ignored. See the design doc for more information: + https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md' + items: + description: A ManagementAction represents an action that the Crossplane + controllers can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array providerConfigRef: default: name: default @@ -305,9 +378,13 @@ spec: type: object x-kubernetes-validations: - message: redirectUrl is a required parameter - rule: self.managementPolicy == 'ObserveOnly' || has(self.forProvider.redirectUrl) + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.redirectUrl) + || has(self.initProvider.redirectUrl)' - message: userEmailAddress is a required parameter - rule: self.managementPolicy == 'ObserveOnly' || has(self.forProvider.userEmailAddress) + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.userEmailAddress) + || has(self.initProvider.userEmailAddress)' status: description: InvitationStatus defines the observed state of Invitation. properties: diff --git a/package/crds/policies.azuread.upbound.io_claimsmappingpolicies.yaml b/package/crds/policies.azuread.upbound.io_claimsmappingpolicies.yaml index 5bd9a69f..46c8322b 100644 --- a/package/crds/policies.azuread.upbound.io_claimsmappingpolicies.yaml +++ b/package/crds/policies.azuread.upbound.io_claimsmappingpolicies.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.11.3 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.12.1 name: claimsmappingpolicies.policies.azuread.upbound.io spec: group: policies.azuread.upbound.io @@ -58,7 +57,7 @@ spec: description: 'DeletionPolicy specifies what will happen to the underlying external when this managed resource is deleted - either "Delete" or "Orphan" the external resource. This field is planned to be deprecated - in favor of the ManagementPolicy field in a future release. Currently, + in favor of the ManagementPolicies field in a future release. Currently, both could be set independently and non-default values would be honored if the feature flag is enabled. See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223' @@ -81,21 +80,58 @@ spec: Display name for this policy type: string type: object - managementPolicy: - default: FullControl + initProvider: + description: THIS IS AN ALPHA FIELD. Do not use it in production. + It is not honored unless the relevant Crossplane feature flag is + enabled, and may be changed or removed without notice. InitProvider + holds the same fields as ForProvider, with the exception of Identifier + and other resource reference fields. The fields that are in InitProvider + are merged into ForProvider when the resource is created. The same + fields are also added to the terraform ignore_changes hook, to avoid + updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after + creation, for example because of an external controller is managing + them, like an autoscaler. + properties: + definition: + description: The claims mapping policy. This is a JSON formatted + string, for which the jsonencode() function can be used. A string + collection containing a JSON string that defines the rules and + settings for this policy + items: + type: string + type: array + displayName: + description: The display name for this Claims Mapping Policy. + Display name for this policy + type: string + type: object + managementPolicies: + default: + - '*' description: 'THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored unless the relevant Crossplane feature flag is - enabled, and may be changed or removed without notice. ManagementPolicy - specifies the level of control Crossplane has over the managed external - resource. This field is planned to replace the DeletionPolicy field - in a future release. Currently, both could be set independently - and non-default values would be honored if the feature flag is enabled. - See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223' - enum: - - FullControl - - ObserveOnly - - OrphanOnDelete - type: string + enabled, and may be changed or removed without notice. ManagementPolicies + specify the array of actions Crossplane is allowed to take on the + managed and external resources. This field is planned to replace + the DeletionPolicy field in a future release. Currently, both could + be set independently and non-default values would be honored if + the feature flag is enabled. If both are custom, the DeletionPolicy + field will be ignored. See the design doc for more information: + https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md' + items: + description: A ManagementAction represents an action that the Crossplane + controllers can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array providerConfigRef: default: name: default @@ -269,9 +305,13 @@ spec: type: object x-kubernetes-validations: - message: definition is a required parameter - rule: self.managementPolicy == 'ObserveOnly' || has(self.forProvider.definition) + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.definition) + || has(self.initProvider.definition)' - message: displayName is a required parameter - rule: self.managementPolicy == 'ObserveOnly' || has(self.forProvider.displayName) + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.displayName) + || has(self.initProvider.displayName)' status: description: ClaimsMappingPolicyStatus defines the observed state of ClaimsMappingPolicy. properties: diff --git a/package/crds/serviceprincipaldelegated.azuread.upbound.io_permissiongrants.yaml b/package/crds/serviceprincipaldelegated.azuread.upbound.io_permissiongrants.yaml index 81b78380..18e88f1c 100644 --- a/package/crds/serviceprincipaldelegated.azuread.upbound.io_permissiongrants.yaml +++ b/package/crds/serviceprincipaldelegated.azuread.upbound.io_permissiongrants.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.11.3 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.12.1 name: permissiongrants.serviceprincipaldelegated.azuread.upbound.io spec: group: serviceprincipaldelegated.azuread.upbound.io @@ -57,7 +56,7 @@ spec: description: 'DeletionPolicy specifies what will happen to the underlying external when this managed resource is deleted - either "Delete" or "Orphan" the external resource. This field is planned to be deprecated - in favor of the ManagementPolicy field in a future release. Currently, + in favor of the ManagementPolicies field in a future release. Currently, both could be set independently and non-default values would be honored if the feature flag is enabled. See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223' @@ -320,21 +319,54 @@ spec: type: object type: object type: object - managementPolicy: - default: FullControl + initProvider: + description: THIS IS AN ALPHA FIELD. Do not use it in production. + It is not honored unless the relevant Crossplane feature flag is + enabled, and may be changed or removed without notice. InitProvider + holds the same fields as ForProvider, with the exception of Identifier + and other resource reference fields. The fields that are in InitProvider + are merged into ForProvider when the resource is created. The same + fields are also added to the terraform ignore_changes hook, to avoid + updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after + creation, for example because of an external controller is managing + them, like an autoscaler. + properties: + claimValues: + description: '- A set of claim values for delegated permission + scopes which should be included in access tokens for the resource. + A set of claim values for delegated permission scopes which + should be included in access tokens for the resource' + items: + type: string + type: array + type: object + managementPolicies: + default: + - '*' description: 'THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored unless the relevant Crossplane feature flag is - enabled, and may be changed or removed without notice. ManagementPolicy - specifies the level of control Crossplane has over the managed external - resource. This field is planned to replace the DeletionPolicy field - in a future release. Currently, both could be set independently - and non-default values would be honored if the feature flag is enabled. - See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223' - enum: - - FullControl - - ObserveOnly - - OrphanOnDelete - type: string + enabled, and may be changed or removed without notice. ManagementPolicies + specify the array of actions Crossplane is allowed to take on the + managed and external resources. This field is planned to replace + the DeletionPolicy field in a future release. Currently, both could + be set independently and non-default values would be honored if + the feature flag is enabled. If both are custom, the DeletionPolicy + field will be ignored. See the design doc for more information: + https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md' + items: + description: A ManagementAction represents an action that the Crossplane + controllers can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array providerConfigRef: default: name: default @@ -508,7 +540,9 @@ spec: type: object x-kubernetes-validations: - message: claimValues is a required parameter - rule: self.managementPolicy == 'ObserveOnly' || has(self.forProvider.claimValues) + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.claimValues) + || has(self.initProvider.claimValues)' status: description: PermissionGrantStatus defines the observed state of PermissionGrant. properties: diff --git a/package/crds/serviceprincipals.azuread.upbound.io_certificates.yaml b/package/crds/serviceprincipals.azuread.upbound.io_certificates.yaml index a982ba90..3cea47b0 100644 --- a/package/crds/serviceprincipals.azuread.upbound.io_certificates.yaml +++ b/package/crds/serviceprincipals.azuread.upbound.io_certificates.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.11.3 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.12.1 name: certificates.serviceprincipals.azuread.upbound.io spec: group: serviceprincipals.azuread.upbound.io @@ -57,7 +56,7 @@ spec: description: 'DeletionPolicy specifies what will happen to the underlying external when this managed resource is deleted - either "Delete" or "Orphan" the external resource. This field is planned to be deprecated - in favor of the ManagementPolicy field in a future release. Currently, + in favor of the ManagementPolicies field in a future release. Currently, both could be set independently and non-default values would be honored if the feature flag is enabled. See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223' @@ -211,21 +210,90 @@ spec: - namespace type: object type: object - managementPolicy: - default: FullControl + initProvider: + description: THIS IS AN ALPHA FIELD. Do not use it in production. + It is not honored unless the relevant Crossplane feature flag is + enabled, and may be changed or removed without notice. InitProvider + holds the same fields as ForProvider, with the exception of Identifier + and other resource reference fields. The fields that are in InitProvider + are merged into ForProvider when the resource is created. The same + fields are also added to the terraform ignore_changes hook, to avoid + updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after + creation, for example because of an external controller is managing + them, like an autoscaler. + properties: + encoding: + description: Specifies the encoding used for the supplied certificate + data. Must be one of pem, base64 or hex. Defaults to pem. Specifies + the encoding used for the supplied certificate data + type: string + endDate: + description: The end date until which the certificate is valid, + formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z). + Changing this field forces a new resource to be created. The + end date until which the certificate is valid, formatted as + an RFC3339 date string (e.g. `2018-01-01T01:02:03Z`) + type: string + endDateRelative: + description: A relative duration for which the certificate is + valid until, for example 240h (10 days) or 2400h30m. Valid time + units are "ns", "us" (or "µs"), "ms", "s", "m", "h". Changing + this field forces a new resource to be created. A relative duration + for which the certificate is valid until, for example `240h` + (10 days) or `2400h30m`. Valid time units are "ns", "us" (or + "µs"), "ms", "s", "m", "h" + type: string + keyId: + description: A UUID used to uniquely identify this certificate. + If not specified a UUID will be automatically generated. Changing + this field forces a new resource to be created. A UUID used + to uniquely identify this certificate. If not specified a UUID + will be automatically generated + type: string + startDate: + description: The start date from which the certificate is valid, + formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z). + If this isn't specified, the value is determined by Azure Active + Directory and is usually the start date of the certificate for + asymmetric keys, or the current timestamp for symmetric keys. + Changing this field forces a new resource to be created. The + start date from which the certificate is valid, formatted as + an RFC3339 date string (e.g. `2018-01-01T01:02:03Z`). If this + isn't specified, the current date is used + type: string + type: + description: The type of key/certificate. Must be one of AsymmetricX509Cert + or Symmetric. Changing this fields forces a new resource to + be created. The type of key/certificate + type: string + type: object + managementPolicies: + default: + - '*' description: 'THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored unless the relevant Crossplane feature flag is - enabled, and may be changed or removed without notice. ManagementPolicy - specifies the level of control Crossplane has over the managed external - resource. This field is planned to replace the DeletionPolicy field - in a future release. Currently, both could be set independently - and non-default values would be honored if the feature flag is enabled. - See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223' - enum: - - FullControl - - ObserveOnly - - OrphanOnDelete - type: string + enabled, and may be changed or removed without notice. ManagementPolicies + specify the array of actions Crossplane is allowed to take on the + managed and external resources. This field is planned to replace + the DeletionPolicy field in a future release. Currently, both could + be set independently and non-default values would be honored if + the feature flag is enabled. If both are custom, the DeletionPolicy + field will be ignored. See the design doc for more information: + https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md' + items: + description: A ManagementAction represents an action that the Crossplane + controllers can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array providerConfigRef: default: name: default @@ -399,7 +467,8 @@ spec: type: object x-kubernetes-validations: - message: valueSecretRef is a required parameter - rule: self.managementPolicy == 'ObserveOnly' || has(self.forProvider.valueSecretRef) + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.valueSecretRef)' status: description: CertificateStatus defines the observed state of Certificate. properties: diff --git a/package/crds/serviceprincipals.azuread.upbound.io_claimsmappingpolicyassignments.yaml b/package/crds/serviceprincipals.azuread.upbound.io_claimsmappingpolicyassignments.yaml index e14c30ed..3f42841c 100644 --- a/package/crds/serviceprincipals.azuread.upbound.io_claimsmappingpolicyassignments.yaml +++ b/package/crds/serviceprincipals.azuread.upbound.io_claimsmappingpolicyassignments.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.11.3 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.12.1 name: claimsmappingpolicyassignments.serviceprincipals.azuread.upbound.io spec: group: serviceprincipals.azuread.upbound.io @@ -59,7 +58,7 @@ spec: description: 'DeletionPolicy specifies what will happen to the underlying external when this managed resource is deleted - either "Delete" or "Orphan" the external resource. This field is planned to be deprecated - in favor of the ManagementPolicy field in a future release. Currently, + in favor of the ManagementPolicies field in a future release. Currently, both could be set independently and non-default values would be honored if the feature flag is enabled. See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223' @@ -227,21 +226,45 @@ spec: type: object type: object type: object - managementPolicy: - default: FullControl + initProvider: + description: THIS IS AN ALPHA FIELD. Do not use it in production. + It is not honored unless the relevant Crossplane feature flag is + enabled, and may be changed or removed without notice. InitProvider + holds the same fields as ForProvider, with the exception of Identifier + and other resource reference fields. The fields that are in InitProvider + are merged into ForProvider when the resource is created. The same + fields are also added to the terraform ignore_changes hook, to avoid + updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after + creation, for example because of an external controller is managing + them, like an autoscaler. + type: object + managementPolicies: + default: + - '*' description: 'THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored unless the relevant Crossplane feature flag is - enabled, and may be changed or removed without notice. ManagementPolicy - specifies the level of control Crossplane has over the managed external - resource. This field is planned to replace the DeletionPolicy field - in a future release. Currently, both could be set independently - and non-default values would be honored if the feature flag is enabled. - See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223' - enum: - - FullControl - - ObserveOnly - - OrphanOnDelete - type: string + enabled, and may be changed or removed without notice. ManagementPolicies + specify the array of actions Crossplane is allowed to take on the + managed and external resources. This field is planned to replace + the DeletionPolicy field in a future release. Currently, both could + be set independently and non-default values would be honored if + the feature flag is enabled. If both are custom, the DeletionPolicy + field will be ignored. See the design doc for more information: + https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md' + items: + description: A ManagementAction represents an action that the Crossplane + controllers can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array providerConfigRef: default: name: default diff --git a/package/crds/serviceprincipals.azuread.upbound.io_passwords.yaml b/package/crds/serviceprincipals.azuread.upbound.io_passwords.yaml index 80de58e8..8131a87b 100644 --- a/package/crds/serviceprincipals.azuread.upbound.io_passwords.yaml +++ b/package/crds/serviceprincipals.azuread.upbound.io_passwords.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.11.3 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.12.1 name: passwords.serviceprincipals.azuread.upbound.io spec: group: serviceprincipals.azuread.upbound.io @@ -57,7 +56,7 @@ spec: description: 'DeletionPolicy specifies what will happen to the underlying external when this managed resource is deleted - either "Delete" or "Orphan" the external resource. This field is planned to be deprecated - in favor of the ManagementPolicy field in a future release. Currently, + in favor of the ManagementPolicies field in a future release. Currently, both could be set independently and non-default values would be honored if the feature flag is enabled. See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223' @@ -185,21 +184,84 @@ spec: the current date is used type: string type: object - managementPolicy: - default: FullControl + initProvider: + description: THIS IS AN ALPHA FIELD. Do not use it in production. + It is not honored unless the relevant Crossplane feature flag is + enabled, and may be changed or removed without notice. InitProvider + holds the same fields as ForProvider, with the exception of Identifier + and other resource reference fields. The fields that are in InitProvider + are merged into ForProvider when the resource is created. The same + fields are also added to the terraform ignore_changes hook, to avoid + updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after + creation, for example because of an external controller is managing + them, like an autoscaler. + properties: + displayName: + description: A display name for the password. A display name for + the password + type: string + endDate: + description: The end date until which the password is valid, formatted + as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z). Changing + this field forces a new resource to be created. The end date + until which the password is valid, formatted as an RFC3339 date + string (e.g. `2018-01-01T01:02:03Z`) + type: string + endDateRelative: + description: A relative duration for which the password is valid + until, for example 240h (10 days) or 2400h30m. Changing this + field forces a new resource to be created. A relative duration + for which the password is valid until, for example `240h` (10 + days) or `2400h30m`. Changing this field forces a new resource + to be created + type: string + rotateWhenChanged: + additionalProperties: + type: string + description: A map of arbitrary key/value pairs that will force + recreation of the password when they change, enabling password + rotation based on external conditions such as a rotating timestamp. + Changing this forces a new resource to be created. Arbitrary + map of values that, when changed, will trigger rotation of the + password + type: object + startDate: + description: The start date from which the password is valid, + formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z). + If this isn't specified, the current date is used. Changing + this field forces a new resource to be created. The start date + from which the password is valid, formatted as an RFC3339 date + string (e.g. `2018-01-01T01:02:03Z`). If this isn't specified, + the current date is used + type: string + type: object + managementPolicies: + default: + - '*' description: 'THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored unless the relevant Crossplane feature flag is - enabled, and may be changed or removed without notice. ManagementPolicy - specifies the level of control Crossplane has over the managed external - resource. This field is planned to replace the DeletionPolicy field - in a future release. Currently, both could be set independently - and non-default values would be honored if the feature flag is enabled. - See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223' - enum: - - FullControl - - ObserveOnly - - OrphanOnDelete - type: string + enabled, and may be changed or removed without notice. ManagementPolicies + specify the array of actions Crossplane is allowed to take on the + managed and external resources. This field is planned to replace + the DeletionPolicy field in a future release. Currently, both could + be set independently and non-default values would be honored if + the feature flag is enabled. If both are custom, the DeletionPolicy + field will be ignored. See the design doc for more information: + https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md' + items: + description: A ManagementAction represents an action that the Crossplane + controllers can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array providerConfigRef: default: name: default diff --git a/package/crds/serviceprincipals.azuread.upbound.io_principals.yaml b/package/crds/serviceprincipals.azuread.upbound.io_principals.yaml index ac65260f..578532e5 100644 --- a/package/crds/serviceprincipals.azuread.upbound.io_principals.yaml +++ b/package/crds/serviceprincipals.azuread.upbound.io_principals.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.11.3 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.12.1 name: principals.serviceprincipals.azuread.upbound.io spec: group: serviceprincipals.azuread.upbound.io @@ -57,7 +56,7 @@ spec: description: 'DeletionPolicy specifies what will happen to the underlying external when this managed resource is deleted - either "Delete" or "Orphan" the external resource. This field is planned to be deprecated - in favor of the ManagementPolicy field in a future release. Currently, + in favor of the ManagementPolicies field in a future release. Currently, both could be set independently and non-default values would be honored if the feature flag is enabled. See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223' @@ -286,21 +285,183 @@ spec: principal instead of failing with an error type: boolean type: object - managementPolicy: - default: FullControl + initProvider: + description: THIS IS AN ALPHA FIELD. Do not use it in production. + It is not honored unless the relevant Crossplane feature flag is + enabled, and may be changed or removed without notice. InitProvider + holds the same fields as ForProvider, with the exception of Identifier + and other resource reference fields. The fields that are in InitProvider + are merged into ForProvider when the resource is created. The same + fields are also added to the terraform ignore_changes hook, to avoid + updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after + creation, for example because of an external controller is managing + them, like an autoscaler. + properties: + accountEnabled: + description: Whether or not the service principal account is enabled. + Defaults to true. Whether or not the service principal account + is enabled + type: boolean + alternativeNames: + description: A set of alternative names, used to retrieve service + principals by subscription, identify resource group and full + resource ids for managed identities. A list of alternative names, + used to retrieve service principals by subscription, identify + resource group and full resource ids for managed identities + items: + type: string + type: array + appRoleAssignmentRequired: + description: Whether this service principal requires an app role + assignment to a user or group before Azure AD will issue a user + or access token to the application. Defaults to false. Whether + this service principal requires an app role assignment to a + user or group before Azure AD will issue a user or access token + to the application + type: boolean + description: + description: A description of the service principal provided for + internal end-users. Description of the service principal provided + for internal end-users + type: string + featureTags: + description: A feature_tags block as described below. Cannot be + used together with the tags property. Block of features to configure + for this service principal using tags + items: + properties: + customSingleSignOn: + description: Whether this service principal represents a + custom SAML application. Enabling this will assign the + WindowsAzureActiveDirectoryCustomSingleSignOnApplication + tag. Defaults to false. Whether this service principal + represents a custom SAML application + type: boolean + enterprise: + description: Whether this service principal represents an + Enterprise Application. Enabling this will assign the + WindowsAzureActiveDirectoryIntegratedApp tag. Defaults + to false. Whether this service principal represents an + Enterprise Application + type: boolean + gallery: + description: Whether this service principal represents a + gallery application. Enabling this will assign the WindowsAzureActiveDirectoryGalleryApplicationNonPrimaryV1 + tag. Defaults to false. Whether this service principal + represents a gallery application + type: boolean + hide: + description: Whether this app is invisible to users in My + Apps and Office 365 Launcher. Enabling this will assign + the HideApp tag. Defaults to false. Whether this app is + invisible to users in My Apps and Office 365 Launcher + type: boolean + type: object + type: array + loginUrl: + description: The URL where the service provider redirects the + user to Azure AD to authenticate. Azure AD uses the URL to launch + the application from Microsoft 365 or the Azure AD My Apps. + When blank, Azure AD performs IdP-initiated sign-on for applications + configured with SAML-based single sign-on. The URL where the + service provider redirects the user to Azure AD to authenticate. + Azure AD uses the URL to launch the application from Microsoft + 365 or the Azure AD My Apps. When blank, Azure AD performs IdP-initiated + sign-on for applications configured with SAML-based single sign-on + type: string + notes: + description: A free text field to capture information about the + service principal, typically used for operational purposes. + Free text field to capture information about the service principal, + typically used for operational purposes + type: string + notificationEmailAddresses: + description: A set of email addresses where Azure AD sends a notification + when the active certificate is near the expiration date. This + is only for the certificates used to sign the SAML token issued + for Azure AD Gallery applications. List of email addresses where + Azure AD sends a notification when the active certificate is + near the expiration date. This is only for the certificates + used to sign the SAML token issued for Azure AD Gallery applications + items: + type: string + type: array + owners: + description: A set of object IDs of principals that will be granted + ownership of the service principal. Supported object types are + users or service principals. By default, no owners are assigned. + A list of object IDs of principals that will be granted ownership + of the service principal + items: + type: string + type: array + preferredSingleSignOnMode: + description: The single sign-on mode configured for this application. + Azure AD uses the preferred single sign-on mode to launch the + application from Microsoft 365 or the Azure AD My Apps. Supported + values are oidc, password, saml or notSupported. Omit this property + or specify a blank string to unset. The single sign-on mode + configured for this application. Azure AD uses the preferred + single sign-on mode to launch the application from Microsoft + 365 or the Azure AD My Apps + type: string + samlSingleSignOn: + description: A saml_single_sign_on block as documented below. + Settings related to SAML single sign-on + items: + properties: + relayState: + description: The relative URI the service provider would + redirect to after completion of the single sign-on flow. + The relative URI the service provider would redirect to + after completion of the single sign-on flow + type: string + type: object + type: array + tags: + description: A set of tags to apply to the service principal for + configuring specific behaviours of the service principal. Note + that these are not provided for use by practitioners. Cannot + be used together with the feature_tags block. A set of tags + to apply to the service principal + items: + type: string + type: array + useExisting: + description: When true, any existing service principal linked + to the same application will be automatically imported. When + false, an import error will be raised for any pre-existing service + principal. When true, the resource will return an existing service + principal instead of failing with an error + type: boolean + type: object + managementPolicies: + default: + - '*' description: 'THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored unless the relevant Crossplane feature flag is - enabled, and may be changed or removed without notice. ManagementPolicy - specifies the level of control Crossplane has over the managed external - resource. This field is planned to replace the DeletionPolicy field - in a future release. Currently, both could be set independently - and non-default values would be honored if the feature flag is enabled. - See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223' - enum: - - FullControl - - ObserveOnly - - OrphanOnDelete - type: string + enabled, and may be changed or removed without notice. ManagementPolicies + specify the array of actions Crossplane is allowed to take on the + managed and external resources. This field is planned to replace + the DeletionPolicy field in a future release. Currently, both could + be set independently and non-default values would be honored if + the feature flag is enabled. If both are custom, the DeletionPolicy + field will be ignored. See the design doc for more information: + https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md' + items: + description: A ManagementAction represents an action that the Crossplane + controllers can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array providerConfigRef: default: name: default diff --git a/package/crds/serviceprincipals.azuread.upbound.io_tokensigningcertificates.yaml b/package/crds/serviceprincipals.azuread.upbound.io_tokensigningcertificates.yaml index cc3baa0f..f0104f12 100644 --- a/package/crds/serviceprincipals.azuread.upbound.io_tokensigningcertificates.yaml +++ b/package/crds/serviceprincipals.azuread.upbound.io_tokensigningcertificates.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.11.3 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.12.1 name: tokensigningcertificates.serviceprincipals.azuread.upbound.io spec: group: serviceprincipals.azuread.upbound.io @@ -59,7 +58,7 @@ spec: description: 'DeletionPolicy specifies what will happen to the underlying external when this managed resource is deleted - either "Delete" or "Orphan" the external resource. This field is planned to be deprecated - in favor of the ManagementPolicy field in a future release. Currently, + in favor of the ManagementPolicies field in a future release. Currently, both could be set independently and non-default values would be honored if the feature flag is enabled. See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223' @@ -164,21 +163,59 @@ spec: type: object type: object type: object - managementPolicy: - default: FullControl + initProvider: + description: THIS IS AN ALPHA FIELD. Do not use it in production. + It is not honored unless the relevant Crossplane feature flag is + enabled, and may be changed or removed without notice. InitProvider + holds the same fields as ForProvider, with the exception of Identifier + and other resource reference fields. The fields that are in InitProvider + are merged into ForProvider when the resource is created. The same + fields are also added to the terraform ignore_changes hook, to avoid + updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after + creation, for example because of an external controller is managing + them, like an autoscaler. + properties: + displayName: + description: Specifies a friendly name for the certificate. Must + start with CN=. Changing this field forces a new resource to + be created. A friendly name for the certificate + type: string + endDate: + description: The end date until which the token signing certificate + is valid, formatted as an RFC3339 date string (e.g. 2018-01-01T01:02:03Z). + Changing this field forces a new resource to be created. The + end date until which the certificate is valid, formatted as + an RFC3339 date string (e.g. `2018-01-01T01:02:03Z`). Default + is 3 years from current date. + type: string + type: object + managementPolicies: + default: + - '*' description: 'THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored unless the relevant Crossplane feature flag is - enabled, and may be changed or removed without notice. ManagementPolicy - specifies the level of control Crossplane has over the managed external - resource. This field is planned to replace the DeletionPolicy field - in a future release. Currently, both could be set independently - and non-default values would be honored if the feature flag is enabled. - See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223' - enum: - - FullControl - - ObserveOnly - - OrphanOnDelete - type: string + enabled, and may be changed or removed without notice. ManagementPolicies + specify the array of actions Crossplane is allowed to take on the + managed and external resources. This field is planned to replace + the DeletionPolicy field in a future release. Currently, both could + be set independently and non-default values would be honored if + the feature flag is enabled. If both are custom, the DeletionPolicy + field will be ignored. See the design doc for more information: + https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md' + items: + description: A ManagementAction represents an action that the Crossplane + controllers can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array providerConfigRef: default: name: default diff --git a/package/crds/synchronization.azuread.upbound.io_jobs.yaml b/package/crds/synchronization.azuread.upbound.io_jobs.yaml index 28dfb3b2..7471959d 100644 --- a/package/crds/synchronization.azuread.upbound.io_jobs.yaml +++ b/package/crds/synchronization.azuread.upbound.io_jobs.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.11.3 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.12.1 name: jobs.synchronization.azuread.upbound.io spec: group: synchronization.azuread.upbound.io @@ -57,7 +56,7 @@ spec: description: 'DeletionPolicy specifies what will happen to the underlying external when this managed resource is deleted - either "Delete" or "Orphan" the external resource. This field is planned to be deprecated - in favor of the ManagementPolicy field in a future release. Currently, + in favor of the ManagementPolicies field in a future release. Currently, both could be set independently and non-default values would be honored if the feature flag is enabled. See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223' @@ -158,21 +157,55 @@ spec: job is based on. type: string type: object - managementPolicy: - default: FullControl + initProvider: + description: THIS IS AN ALPHA FIELD. Do not use it in production. + It is not honored unless the relevant Crossplane feature flag is + enabled, and may be changed or removed without notice. InitProvider + holds the same fields as ForProvider, with the exception of Identifier + and other resource reference fields. The fields that are in InitProvider + are merged into ForProvider when the resource is created. The same + fields are also added to the terraform ignore_changes hook, to avoid + updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after + creation, for example because of an external controller is managing + them, like an autoscaler. + properties: + enabled: + description: Whether or not the provisioning job is enabled. Default + state is true. Whether or not the synchronization job is enabled + type: boolean + templateId: + description: Identifier of the synchronization template this job + is based on. Identifier of the synchronization template this + job is based on. + type: string + type: object + managementPolicies: + default: + - '*' description: 'THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored unless the relevant Crossplane feature flag is - enabled, and may be changed or removed without notice. ManagementPolicy - specifies the level of control Crossplane has over the managed external - resource. This field is planned to replace the DeletionPolicy field - in a future release. Currently, both could be set independently - and non-default values would be honored if the feature flag is enabled. - See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223' - enum: - - FullControl - - ObserveOnly - - OrphanOnDelete - type: string + enabled, and may be changed or removed without notice. ManagementPolicies + specify the array of actions Crossplane is allowed to take on the + managed and external resources. This field is planned to replace + the DeletionPolicy field in a future release. Currently, both could + be set independently and non-default values would be honored if + the feature flag is enabled. If both are custom, the DeletionPolicy + field will be ignored. See the design doc for more information: + https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md' + items: + description: A ManagementAction represents an action that the Crossplane + controllers can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array providerConfigRef: default: name: default @@ -346,7 +379,9 @@ spec: type: object x-kubernetes-validations: - message: templateId is a required parameter - rule: self.managementPolicy == 'ObserveOnly' || has(self.forProvider.templateId) + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.templateId) + || has(self.initProvider.templateId)' status: description: JobStatus defines the observed state of Job. properties: diff --git a/package/crds/synchronization.azuread.upbound.io_secrets.yaml b/package/crds/synchronization.azuread.upbound.io_secrets.yaml index a919165b..4a59f534 100644 --- a/package/crds/synchronization.azuread.upbound.io_secrets.yaml +++ b/package/crds/synchronization.azuread.upbound.io_secrets.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.11.3 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.12.1 name: secrets.synchronization.azuread.upbound.io spec: group: synchronization.azuread.upbound.io @@ -57,7 +56,7 @@ spec: description: 'DeletionPolicy specifies what will happen to the underlying external when this managed resource is deleted - either "Delete" or "Orphan" the external resource. This field is planned to be deprecated - in favor of the ManagementPolicy field in a future release. Currently, + in favor of the ManagementPolicies field in a future release. Currently, both could be set independently and non-default values would be honored if the feature flag is enabled. See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223' @@ -94,7 +93,6 @@ spec: - namespace type: object required: - - key - valueSecretRef type: object type: array @@ -181,21 +179,56 @@ spec: type: object type: object type: object - managementPolicy: - default: FullControl + initProvider: + description: THIS IS AN ALPHA FIELD. Do not use it in production. + It is not honored unless the relevant Crossplane feature flag is + enabled, and may be changed or removed without notice. InitProvider + holds the same fields as ForProvider, with the exception of Identifier + and other resource reference fields. The fields that are in InitProvider + are merged into ForProvider when the resource is created. The same + fields are also added to the terraform ignore_changes hook, to avoid + updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after + creation, for example because of an external controller is managing + them, like an autoscaler. + properties: + credential: + description: One or more credential blocks as documented below. + items: + properties: + key: + description: The key of the secret. Name for this key-value + pair. + type: string + type: object + type: array + type: object + managementPolicies: + default: + - '*' description: 'THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored unless the relevant Crossplane feature flag is - enabled, and may be changed or removed without notice. ManagementPolicy - specifies the level of control Crossplane has over the managed external - resource. This field is planned to replace the DeletionPolicy field - in a future release. Currently, both could be set independently - and non-default values would be honored if the feature flag is enabled. - See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223' - enum: - - FullControl - - ObserveOnly - - OrphanOnDelete - type: string + enabled, and may be changed or removed without notice. ManagementPolicies + specify the array of actions Crossplane is allowed to take on the + managed and external resources. This field is planned to replace + the DeletionPolicy field in a future release. Currently, both could + be set independently and non-default values would be honored if + the feature flag is enabled. If both are custom, the DeletionPolicy + field will be ignored. See the design doc for more information: + https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md' + items: + description: A ManagementAction represents an action that the Crossplane + controllers can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array providerConfigRef: default: name: default diff --git a/package/crds/users.azuread.upbound.io_users.yaml b/package/crds/users.azuread.upbound.io_users.yaml index 6b5aa853..59ce89b3 100644 --- a/package/crds/users.azuread.upbound.io_users.yaml +++ b/package/crds/users.azuread.upbound.io_users.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.11.3 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.12.1 name: users.users.azuread.upbound.io spec: group: users.azuread.upbound.io @@ -57,7 +56,7 @@ spec: description: 'DeletionPolicy specifies what will happen to the underlying external when this managed resource is deleted - either "Delete" or "Orphan" the external resource. This field is planned to be deprecated - in favor of the ManagementPolicy field in a future release. Currently, + in favor of the ManagementPolicies field in a future release. Currently, both could be set independently and non-default values would be honored if the feature flag is enabled. See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223' @@ -270,21 +269,225 @@ spec: principal name (UPN) of the user type: string type: object - managementPolicy: - default: FullControl + initProvider: + description: THIS IS AN ALPHA FIELD. Do not use it in production. + It is not honored unless the relevant Crossplane feature flag is + enabled, and may be changed or removed without notice. InitProvider + holds the same fields as ForProvider, with the exception of Identifier + and other resource reference fields. The fields that are in InitProvider + are merged into ForProvider when the resource is created. The same + fields are also added to the terraform ignore_changes hook, to avoid + updating them after creation. This is useful for fields that are + required on creation, but we do not desire to update them after + creation, for example because of an external controller is managing + them, like an autoscaler. + properties: + accountEnabled: + description: Whether or not the account should be enabled. Whether + or not the account should be enabled + type: boolean + ageGroup: + description: The age group of the user. Supported values are Adult, + NotAdult and Minor. Omit this property or specify a blank string + to unset. The age group of the user + type: string + businessPhones: + description: A list of telephone numbers for the user. Only one + number can be set for this property. Read-only for users synced + with Azure AD Connect. The telephone numbers for the user. Only + one number can be set for this property. Read-only for users + synced with Azure AD Connect + items: + type: string + type: array + city: + description: The city in which the user is located. The city in + which the user is located + type: string + companyName: + description: The company name which the user is associated. This + property can be useful for describing the company that an external + user comes from. The company name which the user is associated. + This property can be useful for describing the company that + an external user comes from + type: string + consentProvidedForMinor: + description: Whether consent has been obtained for minors. Supported + values are Granted, Denied and NotRequired. Omit this property + or specify a blank string to unset. Whether consent has been + obtained for minors + type: string + costCenter: + description: The cost center associated with the user. The cost + center associated with the user. + type: string + country: + description: The country/region in which the user is located, + e.g. US or UK. The country/region in which the user is located, + e.g. `US` or `UK` + type: string + department: + description: The name for the department in which the user works. + The name for the department in which the user works + type: string + disablePasswordExpiration: + description: Whether the user's password is exempt from expiring. + Defaults to false. Whether the users password is exempt from + expiring + type: boolean + disableStrongPassword: + description: Whether the user is allowed weaker passwords than + the default policy to be specified. Defaults to false. Whether + the user is allowed weaker passwords than the default policy + to be specified. + type: boolean + displayName: + description: The name to display in the address book for the user. + The name to display in the address book for the user + type: string + division: + description: The name of the division in which the user works. + The name of the division in which the user works. + type: string + employeeId: + description: The employee identifier assigned to the user by the + organisation. The employee identifier assigned to the user by + the organisation + type: string + employeeType: + description: Captures enterprise worker type. For example, Employee, + Contractor, Consultant, or Vendor. Captures enterprise worker + type. For example, Employee, Contractor, Consultant, or Vendor. + type: string + faxNumber: + description: The fax number of the user. The fax number of the + user + type: string + forcePasswordChange: + description: Whether the user is forced to change the password + during the next sign-in. Only takes effect when also changing + the password. Defaults to false. Whether the user is forced + to change the password during the next sign-in. Only takes effect + when also changing the password + type: boolean + givenName: + description: The given name (first name) of the user. The given + name (first name) of the user + type: string + jobTitle: + description: The user’s job title. The user’s job title + type: string + mail: + description: The SMTP address for the user. This property cannot + be unset once specified. The SMTP address for the user. Cannot + be unset. + type: string + mailNickname: + description: The mail alias for the user. Defaults to the user + name part of the user principal name (UPN). The mail alias for + the user. Defaults to the user name part of the user principal + name (UPN) + type: string + managerId: + description: The object ID of the user's manager. The object ID + of the user's manager + type: string + mobilePhone: + description: The primary cellular telephone number for the user. + The primary cellular telephone number for the user + type: string + officeLocation: + description: The office location in the user's place of business. + The office location in the user's place of business + type: string + onpremisesImmutableId: + description: The value used to associate an on-premise Active + Directory user account with their Azure AD user object. This + must be specified if you are using a federated domain for the + user's user_principal_name property when creating a new user + account. The value used to associate an on-premise Active Directory + user account with their Azure AD user object. This must be specified + if you are using a federated domain for the user's `user_principal_name` + property when creating a new user account + type: string + otherMails: + description: A list of additional email addresses for the user. + Additional email addresses for the user + items: + type: string + type: array + postalCode: + description: The postal code for the user's postal address. The + postal code is specific to the user's country/region. In the + United States of America, this attribute contains the ZIP code. + The postal code for the user's postal address. The postal code + is specific to the user's country/region. In the United States + of America, this attribute contains the ZIP code + type: string + preferredLanguage: + description: The user's preferred language, in ISO 639-1 notation. + The user's preferred language, in ISO 639-1 notation + type: string + showInAddressList: + description: Whether or not the Outlook global address list should + include this user. Defaults to true. Whether or not the Outlook + global address list should include this user + type: boolean + state: + description: The state or province in the user's address. The + state or province in the user's address + type: string + streetAddress: + description: The street address of the user's place of business. + The street address of the user's place of business + type: string + surname: + description: The user's surname (family name or last name). The + user's surname (family name or last name) + type: string + usageLocation: + description: 'The usage location of the user. Required for users + that will be assigned licenses due to legal requirement to check + for availability of services in countries. The usage location + is a two letter country code (ISO standard 3166). Examples include: + NO, JP, and GB. Cannot be reset to null once set. The usage + location of the user. Required for users that will be assigned + licenses due to legal requirement to check for availability + of services in countries. The usage location is a two letter + country code (ISO standard 3166). Examples include: `NO`, `JP`, + and `GB`. Cannot be reset to null once set' + type: string + userPrincipalName: + description: The user principal name (UPN) of the user. The user + principal name (UPN) of the user + type: string + type: object + managementPolicies: + default: + - '*' description: 'THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored unless the relevant Crossplane feature flag is - enabled, and may be changed or removed without notice. ManagementPolicy - specifies the level of control Crossplane has over the managed external - resource. This field is planned to replace the DeletionPolicy field - in a future release. Currently, both could be set independently - and non-default values would be honored if the feature flag is enabled. - See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223' - enum: - - FullControl - - ObserveOnly - - OrphanOnDelete - type: string + enabled, and may be changed or removed without notice. ManagementPolicies + specify the array of actions Crossplane is allowed to take on the + managed and external resources. This field is planned to replace + the DeletionPolicy field in a future release. Currently, both could + be set independently and non-default values would be honored if + the feature flag is enabled. If both are custom, the DeletionPolicy + field will be ignored. See the design doc for more information: + https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 + and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md' + items: + description: A ManagementAction represents an action that the Crossplane + controllers can take on an external resource. + enum: + - Observe + - Create + - Update + - Delete + - LateInitialize + - '*' + type: string + type: array providerConfigRef: default: name: default @@ -458,9 +661,13 @@ spec: type: object x-kubernetes-validations: - message: displayName is a required parameter - rule: self.managementPolicy == 'ObserveOnly' || has(self.forProvider.displayName) + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.displayName) + || has(self.initProvider.displayName)' - message: userPrincipalName is a required parameter - rule: self.managementPolicy == 'ObserveOnly' || has(self.forProvider.userPrincipalName) + rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies + || ''Update'' in self.managementPolicies) || has(self.forProvider.userPrincipalName) + || has(self.initProvider.userPrincipalName)' status: description: UserStatus defines the observed state of User. properties: