From 9464f4e1b55334b41512df0011bdc7735aad5897 Mon Sep 17 00:00:00 2001 From: Renan Campos Date: Fri, 30 Aug 2024 09:50:02 -0400 Subject: [PATCH] Defining wif support The support group specifies the permissions the user needs to grant the SRE team in order to perform the SOPs needed to service OSD-GCP clusters. The granting of these permissions occurs on the client side after they have created a WifConfig resource. --- model/clusters_mgmt/v1/wif_config_type.model | 2 ++ model/clusters_mgmt/v1/wif_support_type.model | 20 +++++++++++++++++++ .../v2alpha1/wif_config_type.model | 2 ++ .../v2alpha1/wif_support_type.model | 20 +++++++++++++++++++ 4 files changed, 44 insertions(+) create mode 100644 model/clusters_mgmt/v1/wif_support_type.model create mode 100644 model/clusters_mgmt/v2alpha1/wif_support_type.model diff --git a/model/clusters_mgmt/v1/wif_config_type.model b/model/clusters_mgmt/v1/wif_config_type.model index d229872b..10112fa4 100644 --- a/model/clusters_mgmt/v1/wif_config_type.model +++ b/model/clusters_mgmt/v1/wif_config_type.model @@ -36,6 +36,8 @@ struct WifGcp { // The list of service accounts and their associated roles that will need to be // configured on the user's GCP project. ServiceAccounts []WifServiceAccount + // Defines the access configuration for support + Support WifSupport // The workload identity configuration data that will be used to create the // workload identity pool on the user's account. WorkloadIdentityPool WifPool diff --git a/model/clusters_mgmt/v1/wif_support_type.model b/model/clusters_mgmt/v1/wif_support_type.model new file mode 100644 index 00000000..5a4f3014 --- /dev/null +++ b/model/clusters_mgmt/v1/wif_support_type.model @@ -0,0 +1,20 @@ +/* +Copyright (c) 2024 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +struct WifSupport { + GroupEmail String + Roles []WifRole +} diff --git a/model/clusters_mgmt/v2alpha1/wif_config_type.model b/model/clusters_mgmt/v2alpha1/wif_config_type.model index 08ffd6eb..d460aac7 100644 --- a/model/clusters_mgmt/v2alpha1/wif_config_type.model +++ b/model/clusters_mgmt/v2alpha1/wif_config_type.model @@ -32,6 +32,8 @@ struct WifGcp { // The list of service accounts and their associated roles that will need to be // configured on the user's GCP project. ServiceAccounts []WifServiceAccount + // Defines the access configuration for support + Support WifSupport // The workload identity configuration data that will be used to create the // workload identity pool on the user's account. WorkloadIdentityPool WifPool diff --git a/model/clusters_mgmt/v2alpha1/wif_support_type.model b/model/clusters_mgmt/v2alpha1/wif_support_type.model new file mode 100644 index 00000000..5a4f3014 --- /dev/null +++ b/model/clusters_mgmt/v2alpha1/wif_support_type.model @@ -0,0 +1,20 @@ +/* +Copyright (c) 2024 Red Hat, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +struct WifSupport { + GroupEmail String + Roles []WifRole +}